Merge pull request #361 from strongloop/feature/fix-issue-333

Fix the typo and add Bearer token support
Raymond Feng 2014-07-02 11:18:02 -07:00
commit d8c3376417
2 changed files with 42 additions and 2 deletions


@ -209,12 +209,20 @@ function tokenIdForRequest(req, options) {
id = req.header(headers[i]); id = req.header(headers[i]);
if(typeof id === 'string') { if(typeof id === 'string') {
// Add support for oAuth 2.0 bearer token
// http://tools.ietf.org/html/rfc6750
if (id.indexOf('Bearer ') === 0) {
id = id.substring(7);
// Decode from base64
var buf = new Buffer(id, 'base64');
id = buf.toString('utf8');
}
return id; return id;
} }
} }
if(req.signedCookies) { if(req.signedCookies) {
for(i = 0, length = headers.length; i < length; i++) { for(i = 0, length = cookies.length; i < length; i++) {
id = req.signedCookies[cookies[i]]; id = req.signedCookies[cookies[i]];
if(typeof id === 'string') { if(typeof id === 'string') {
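Review bot: The new Bearer branch base64-decodes whatever follows `Bearer ` and returns the result as the token id without checking that the input was well-formed base64. Node's base64 decoding does not reject malformed input, so a garbage credential becomes an arbitrary UTF-8 string, and more than one header value can decode to the same id, which matters if anything upstream logs or rate-limits on the raw header. RFC 6750 defines `b64token` as a syntax only, so the decode step is a convention of this code and should be stated, for example `// Clients must send 'Bearer ' + base64(tokenId); RFC 6750 itself does not require base64`. A guard before decoding such as `if (!/^[A-Za-z0-9+\/]+=*$/.test(id)) continue;` would skip malformed values, assuming the enclosing loop and the callers tolerate that. `tokenIdForRequest` starts and ends outside the hunk, so how the returned id is looked up is not visible here.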


@ -12,7 +12,25 @@ describe('loopback.token(options)', function() {
.end(done); .end(done);
}); });
it('should populate req.token from a header', function (done) { it('should populate req.token from an authorization header', function (done) {
createTestAppAndRequest(this.token, done)
.get('/')
.set('authorization', this.token.id)
.expect(200)
.end(done);
});
it('should populate req.token from an X-Access-Token header', function (done) {
createTestAppAndRequest(this.token, done)
.get('/')
.set('X-Access-Token', this.token.id)
.expect(200)
.end(done);
});
it('should populate req.token from an authorization header with bearer token', function (done) {
var token = this.token.id;
token = 'Bearer '+ new Buffer(token).toString('base64');
createTestAppAndRequest(this.token, done) createTestAppAndRequest(this.token, done)
.get('/') .get('/')
.set('authorization', this.token.id) .set('authorization', this.token.id)
@ -33,6 +51,20 @@ describe('loopback.token(options)', function() {
}); });
}); });
it('should populate req.token from a header or a secure cookie', function (done) {
var app = createTestApp(this.token, done);
var id = this.token.id;
request(app)
.get('/token')
.end(function(err, res) {
request(app)
.get('/')
.set('authorization', id)
.set('Cookie', res.header['set-cookie'])
.end(done);
});
});
it('should skip when req.token is already present', function(done) { it('should skip when req.token is already present', function(done) {
var tokenStub = { id: 'stub id' }; var tokenStub = { id: 'stub id' };
app.use(function(req, res, next) { app.use(function(req, res, next) {
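Review bot: The test 'should populate req.token from an authorization header with bearer token' builds `token = 'Bearer ' + base64(id)` but still sends `.set('authorization', this.token.id)`, so the new Bearer branch is never exercised and the test passes on the raw-id path. The call should be `.set('authorization', token)`. The 'header or a secure cookie' test ends with `.end(done)` and no `.expect(200)`, and it ignores `err` from the first request, so unless `createTestApp` asserts internally it can pass when token resolution fails. A negative case that sends a malformed value after `Bearer ` and expects the request to be rejected would pin down the decoding behaviour.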