refreshing tokens: appbase tokens expire according to the time set in…

… dev console
sagar-chandarana · Oct 14, 2014 · ac7c658 · ac7c658
1 parent bb296c9
commit ac7c658
Showing 1 changed file with 75 additions and 6 deletions.
diff --git a/app.js b/app.js
@@ -28,12 +28,15 @@ var crypt = {
 }
 
 var stateStore = {
-	get: function(key, cb) {
-		redisC.get('stateMiddleware:'+ key, cb);
-	},
-	set: function(key, ttl, val, cb) {
-		redisC.setex('stateMiddleware:'+ key, ttl/1000, val, cb);
-	}
+  get: function(key, cb) {
+    redisC.get('stateMiddleware:'+ key, cb);
+  },
+  set: function(key, ttl, val, cb) {
+    redisC.setex('stateMiddleware:'+ key, ttl/1000, val, cb);
+  },
+  ttl: function(key, ttl, cb) {
+    redisC.expire('stateMiddleware:'+ key, ttl/1000, cb);
+  }
 }
 
 var oauth = require('oauthio');
@@ -101,7 +104,73 @@ app.post('/oauth/signin', function (req, res) {
 	});
 });
 
+
 app.post('/oauth/refresh', function(req, res) {
+  var tokenObj = crypt.decrypt(req.body.appbase_token);
+  if(tokenObj && (tokenObj.g + tokenObj.e >= Date.now())) {
+    var credentials = {};
+    request.get(oauth.getOAuthdUrl() + '/api/apps/' + tokenObj.a, function(error, responseFromOauthd) {
+      if(error) {
+        return res.status(400).send(responseFromOauthd? responseFromOauthd.body: e);
+      }
+      var appData = JSON.parse(responseFromOauthd.body).data;
+      if(req.body.for_appbase) {
+        tokenObj.g = Date.now();
+        tokenObj.e = appData.tokenExpiry>0 ? (appData.tokenExpiry * 1000) : tokenObj.e; //tokenExpiry is in secs
+        credentials.appbase = {
+          access_token: crypt.encrypt(tokenObj),
+          expires_in: tokenObj["e"]/1000
+        };
+      }
+      if(req.body.for_provider) {
+        stateStore.get(tokenObj.uuid, function(error, state) {
+          if(error) {
+            return res.status(500).send('Error getting state:', error);
+          }
+          try {
+            state = JSON.parse(state);
+            if(!state) {
+              return res.status(500).send("Error retriving provider token.");
+            }
+            oauth.auth(state.provider, state, {
+              public_key: tokenObj.a,
+              secret_key: appData.secret,
+              force_refresh: true
+            })
+            .then(function (request_object) {
+              var creds = request_object.getCredentials();
+              var encryptedToken = crypt.encrypt(tokenObj);
+              credentials.provider = {
+                provider: state.provider,
+                access_token: creds.access_token,
+                oauth_token: creds.oauth_token,
+                oauth_token_secret: creds.oauth_token_secret, 
+                expires_in: creds.expires_in,
+                token_type: creds.token_type,
+                request: creds.request	
+              }
+
+              stateStore.set(tokenObj.uuid, tokenObj.e, JSON.stringify(state));
+              res.json(credentials);
+            })
+            .fail(function (e) {
+              res.status(500).send(e);
+            });
+          } catch(e) {
+            res.status(500).send("Error retriving provider token:" + e);
+          }
+        });
+      } else {
+        stateStore.ttl(tokenObj.uuid, tokenObj.e);
+        res.json(credentials);
+      }
+    })
+  } else {
+    res.status(400).send('Invalid or expired appbase_token');
+  }
+});
+
+app.post('/oauth1/refresh', function(req, res) {
 	var tokenObj = crypt.decrypt(req.body.appbase_token);
 	if(tokenObj && (tokenObj.g + tokenObj.e >= Date.now())) {
 		var credentials = {};