diff --git a/lib/oauth2server.js b/lib/oauth2server.js index b5dd5d799..5123c8bc9 100644 --- a/lib/oauth2server.js +++ b/lib/oauth2server.js @@ -70,13 +70,34 @@ OAuth2Server.prototype.authorise = function () { }; }; +/** + * Check authorisation Middleware + * + * Returns middleware that will authorise the request using oauth, depends on route param + * if successful it will allow the request to proceed to the next handler + * + * @return {Function} middleware + */ +OAuth2Server.prototype.checkAuthorise = function (routeParam) { + var self = this; + + return function (req, res, next) { + + if(req.route && req.route[routeParam]) { + new Authorise(self, req, next); + } else { + next(); + } + }; +}; + /** * Grant Middleware * * Returns middleware that will grant tokens to valid requests. * This would normally be mounted at '/oauth/token' e.g. * - * `app.all('/oauth/token', oauth.grant());` + * `server.post('/oauth/token', server.oauth.grant());` * * @return {Function} middleware */ @@ -137,60 +158,62 @@ OAuth2Server.prototype.authCodeGrant = function (check) { OAuth2Server.prototype.lockdown = function (server) { var self = this; - var lockdownRestify = function (mount) { - - }; - - var lockdownExpress3 = function (stack) { - // Check if it's a grant route - var pos = stack.indexOf(self.grant); - if (pos !== -1) { - stack[pos] = self.grant(); - return; - } - - // Check it's not been explitly bypassed - pos = stack.indexOf(self.bypass); - if (pos === -1) { - stack.unshift(self.authorise()); - } else { - stack.splice(pos, 1); - } - }; - - var lockdownExpress4 = function (layer) { - if (!layer.route) - return; - - var stack = layer.route.stack; - var handlers = stack.map(function (item) { - return item.handle; - }); - - // Check if it's a grant route - var pos = handlers.indexOf(self.grant); - if (pos !== -1) { - stack[pos].handle = self.grant(); - return; - } - - // Check it's not been explitly bypassed - pos = handlers.indexOf(self.bypass); - if (pos === -1) { - // Add authorise another route (could do it properly with express.route?) - var copy = {}; - var first = stack[0]; - for (var key in first) { - copy[key] = first[key]; - } - copy.handle = self.authorise(); - stack.unshift(copy); - } else { - stack.splice(pos, 1); - } - }; - - server.router.mounts.forEach(lockdownRestify); + //var lockdownRestify = function (mount) { + // //console.log(mount); + //}; + + //var lockdownExpress3 = function (stack) { + // // Check if it's a grant route + // var pos = stack.indexOf(self.grant); + // if (pos !== -1) { + // stack[pos] = self.grant(); + // return; + // } + // + // // Check it's not been explitly bypassed + // pos = stack.indexOf(self.bypass); + // if (pos === -1) { + // stack.unshift(self.authorise()); + // } else { + // stack.splice(pos, 1); + // } + //}; + // + //var lockdownExpress4 = function (layer) { + // if (!layer.route) + // return; + // + // var stack = layer.route.stack; + // var handlers = stack.map(function (item) { + // return item.handle; + // }); + // + // // Check if it's a grant route + // var pos = handlers.indexOf(self.grant); + // if (pos !== -1) { + // stack[pos].handle = self.grant(); + // return; + // } + // + // // Check it's not been explitly bypassed + // pos = handlers.indexOf(self.bypass); + // if (pos === -1) { + // // Add authorise another route (could do it properly with express.route?) + // var copy = {}; + // var first = stack[0]; + // for (var key in first) { + // copy[key] = first[key]; + // } + // copy.handle = self.authorise(); + // stack.unshift(copy); + // } else { + // stack.splice(pos, 1); + // } + //}; + + //for (var i in server.router.mounts) { + // lockdownRestify(server.router.mounts[i]); + //} }; /**