|
|
@ -59,15 +59,15 @@ class OAuth2Service extends SiteService { |
|
|
|
const verifyHttpBearer = this.verifyHttpBearer.bind(this); |
|
|
|
|
|
|
|
const basicStrategy = new BasicStrategy(verifyClient); |
|
|
|
this.log.info('registering Basic strategy', { basicStrategy }); |
|
|
|
this.log.info('registering Basic strategy', { name: basicStrategy.name }); |
|
|
|
passport.use(basicStrategy); |
|
|
|
|
|
|
|
const clientPasswordStrategy = new ClientPasswordStrategy(verifyClient); |
|
|
|
this.log.info('registering ClientPassword strategy', { clientPasswordStrategy }); |
|
|
|
this.log.info('registering ClientPassword strategy', { name: clientPasswordStrategy.name }); |
|
|
|
passport.use(clientPasswordStrategy); |
|
|
|
|
|
|
|
const httpBearerStrategy = new BearerStrategy(verifyHttpBearer); |
|
|
|
this.log.info('registering Bearer strategy', { httpBearerStrategy }); |
|
|
|
this.log.info('registering Bearer strategy', { name: httpBearerStrategy.name }); |
|
|
|
passport.use(httpBearerStrategy); |
|
|
|
} |
|
|
|
|
|
|
@ -274,13 +274,13 @@ class OAuth2Service extends SiteService { |
|
|
|
return client; |
|
|
|
} |
|
|
|
|
|
|
|
async verifyClient(clientId, clientSecret, done) { |
|
|
|
async verifyClient (clientId, clientSecret, done) { |
|
|
|
const client = await this.getClientById(clientId); |
|
|
|
if (!client) { |
|
|
|
this.log.alert('OAuth2 request from unknown client', { clientId }); |
|
|
|
return done(null, false); |
|
|
|
} |
|
|
|
if (client.clientSecret !== clientSecret) { |
|
|
|
if (client.secret !== clientSecret) { |
|
|
|
this.log.alert('OAuth2 client secret mismatch', { clientId }); |
|
|
|
return done(null, false); |
|
|
|
} |
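Review bot: The secret check in `verifyClient`, `if (client.secret !== clientSecret)`, is a plain string comparison, which is not constant-time and leaks timing information about the stored secret to anyone who can reach this endpoint. I would compare fixed-length digests instead, e.g. `if (typeof client.secret !== 'string' || !crypto.timingSafeEqual(digest(client.secret), digest(String(clientSecret))))`, where `digest` is a small helper to be added around `crypto.createHash('sha256')` (needed because `timingSafeEqual` throws on unequal lengths); this also needs `node:crypto` imported at the top of the file, which is not visible here. The comparison suggests the client secret is stored in recoverable form, so storing only a salted hash is worth considering if the schema allows it. Separately, `await this.getClientById(clientId)` has no `try/catch`, so a rejected lookup would probably never reach `done`; wrapping the body and calling `done(err)` would surface the failure. The body of `verifyClient` continues past the end of this hunk, so the success path was not reviewed.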
|
|
|