Merge pull request #46 from ancamcheachta/master

mjsalinger · web-flow · commit 6aa9fd600c22 · 2017-04-26T13:03:21.000-04:00
Updated getters to use lean, fixed saveToken
diff --git a/examples/mongodb/model.js b/examples/mongodb/model.js
@@ -13,10 +13,12 @@ var Schema = mongoose.Schema;
 mongoose.model('OAuthTokens', new Schema({
   accessToken: { type: String },
   accessTokenExpiresOn: { type: Date },
+  client : { type: Object },  // `client` and `user` are required in multiple places, for example `getAccessToken()`
   clientId: { type: String },
   refreshToken: { type: String },
   refreshTokenExpiresOn: { type: Date },
-  userId: { type: String }
+  user : { type: Object },
+  userId: { type: String },
 }));
 
 mongoose.model('OAuthClients', new Schema({
@@ -42,56 +44,67 @@ var OAuthUsersModel = mongoose.model('OAuthUsers');
  */
 
 module.exports.getAccessToken = function(bearerToken) {
-  console.log('in getAccessToken (bearerToken: ' + bearerToken + ')');
-
-  return OAuthTokensModel.findOne({ accessToken: bearerToken });
+  // Adding `.lean()`, as we get a mongoose wrapper object back from `findOne(...)`, and oauth2-server complains.
+  return OAuthTokensModel.findOne({ accessToken: bearerToken }).lean();
 };
 
 /**
  * Get client.
  */
 
 module.exports.getClient = function(clientId, clientSecret) {
-  console.log('in getClient (clientId: ' + clientId + ', clientSecret: ' + clientSecret + ')');
-
-  return OAuthClientsModel.findOne({ clientId: clientId, clientSecret: clientSecret });
+  return OAuthClientsModel.findOne({ clientId: clientId, clientSecret: clientSecret }).lean();
 };
 
 /**
  * Get refresh token.
  */
 
 module.exports.getRefreshToken = function(refreshToken) {
-  console.log('in getRefreshToken (refreshToken: ' + refreshToken + ')');
-
-  return OAuthTokensModel.findOne({ refreshToken: refreshToken });
+  return OAuthTokensModel.findOne({ refreshToken: refreshToken }).lean();
 };
 
-/*
+/**
  * Get user.
  */
 
 module.exports.getUser = function(username, password) {
-  console.log('in getUser (username: ' + username + ', password: ' + password + ')');
-
-  return OAuthUsersModel.findOne({ username: username, password: password });
+  return OAuthUsersModel.findOne({ username: username, password: password }).lean();
 };
 
 /**
  * Save token.
  */
 
 module.exports.saveToken = function(token, client, user) {
-  console.log('in saveToken (token: ' + token + ')');
-
   var accessToken = new OAuthTokensModel({
     accessToken: token.accessToken,
     accessTokenExpiresOn: token.accessTokenExpiresOn,
-    clientId: client.id,
+    client : client,
+    clientId: client.clientId,
     refreshToken: token.refreshToken,
     refreshTokenExpiresOn: token.refreshTokenExpiresOn,
-    userId: user.id
+    user : user,
+    userId: user._id,
+  });
+  // Can't just chain `lean()` to `save()` as we did with `findOne()` elsewhere. Instead we use `Promise` to resolve the data.
+  return new Promise( function(resolve,reject){
+    accessToken.save(function(err,data){
+      if( err ) reject( err );
+      else resolve( data );
+    }) ;
+  }).then(function(saveResult){
+    // `saveResult` is mongoose wrapper object, not doc itself. Calling `toJSON()` returns the doc.
+    saveResult = saveResult && typeof saveResult == 'object' ? saveResult.toJSON() : saveResult;
+    
+    // Unsure what else points to `saveResult` in oauth2-server, making copy to be safe
+    var data = new Object();
+    for( var prop in saveResult ) data[prop] = saveResult[prop];
+    
+    // /oauth-server/lib/models/token-model.js complains if missing `client` and `user`. Creating missing properties.
+    data.client = data.clientId;
+    data.user = data.userId;
+
+    return data;
   });
-
-  return accessToken.save();
 };
