Extend a53c893 by allowing token reissuing

Model can return an object to indicate a reissue, plain string
(as in previous implementation) or null to revert to the default
token generator

Author: Thom Seddon

Readme.md

@@ -118,7 +118,7 @@ A model must provide the following methods:
 - `type`		`String` Token type, one of 'accessToken' or 'refreshToken'
 - `callback`	`Function` callback(error, token)
 	- `error`	`Mixed`	Truthy to indicate an error
-	- `token`	`String` The access token
+	- `token`	`String|Object|Null` String accessToken to indicate success, Object to indicate reissue (i.e. will not be passed on save*Token()) or Null to revert to the default token generator
 
 ## Extension Grants
 You can support extension/custom grants by implementing the extendedGrant method as outlined above.
@@ -133,4 +133,4 @@ Created by Thom Seddon
 
 ## License
 
-[Apache, Version 2.0](https://github.com/nightworld/node-oauth2-server/blob/master/LICENSE)
+[Apache, Version 2.0](https://github.com/nightworld/node-oauth2-server/blob/master/LICENSE)

lib/token.js

@@ -173,6 +173,12 @@ token.grantAccessToken = function (req, res, next) {
 	var createRefreshToken = function (err, refreshToken) {
 		if (err || !refreshToken) return next(err);
 
+		// Object indicates a reissue
+		if (typeof refreshToken === 'object' && refreshToken.refresh_token) {
+			req.oauth.accessToken.refresh_token = refreshToken.refresh_token;
+			return token.issueToken.call(oauth, req, res, next);
+		}
+
 		req.oauth.accessToken.refresh_token = refreshToken;
 
 		var expires = new Date(oauth.now);
@@ -186,9 +192,24 @@ token.grantAccessToken = function (req, res, next) {
 		});
 	};
 
+	var issueRefreshToken = function () {
+		// Are we issuing refresh tokens?
+		if (oauth.grants.indexOf('refresh_token') >= 0) {
+			token.generateToken.call(oauth, 'refreshToken', req, createRefreshToken);
+		} else {
+			token.issueToken.call(oauth, req, res, next);
+		}
+	};
+
 	var createAccessToken = function (err, accessToken) {
 		if (err || !accessToken) return next(err);
 
+		// Object idicates a reissue
+		if (typeof accessToken === 'object' && accessToken.access_token) {
+			req.oauth.accessToken = accessToken.access_token;
+			return issueRefreshToken();
+		}
+
 		req.oauth.accessToken = { access_token: accessToken };
 
 		var expires = new Date(oauth.now);
@@ -198,16 +219,11 @@ token.grantAccessToken = function (req, res, next) {
 				req.user.id, expires, function (err) {
 			if (err) return next(new OAuth2Error('server_error', false, err));
 
-			// Are we issuing refresh tokens?
-			if (oauth.grants.indexOf('refresh_token') >= 0) {
-				token.generateToken.call(oauth, 'refreshToken', createRefreshToken);
-			} else {
-				token.issueToken.call(oauth, req, res, next);
-			}
+			issueRefreshToken();
 		});
 	};
 
-	token.generateToken.call(oauth, 'accessToken', createAccessToken);
+	token.generateToken.call(oauth, 'accessToken', req, createAccessToken);
 };
 
 /**
@@ -233,12 +249,24 @@ token.issueToken = function (req, res, next) {
 /**
  * Convinience function for generating a token
  *
- * @param  {Function} next Connect next
- * @return {String}        Random 40 char token
+ * @param  {String}    req Connect req
+ * @param  {Function}  next Connect next
+ * @param  {Function}  callback
+ * @return {Void}
  */
-token.generateToken = function (type, callback) {
-	if (this.model.generateToken) return this.model.generateToken(type, callback);
+token.generateToken = function (type, req, callback) {
+	if (this.model.generateToken) {
+		this.model.generateToken(type, req, function (err, token) {
+			if (err) return callback(new OAuth2Error('server_error'));
+			if (!token) return token._generateToken(callback);
+			callback(false, token);
+		});
+	} else {
+		token._generateToken(callback);
+	}
+};
 
+token._generateToken= function (callback) {
 	crypto.randomBytes(256, function (ex, buffer) {
 		if (ex) return callback(new OAuth2Error('server_error'));
 

package.json

@@ -1,7 +1,7 @@
 {
 	"name": "node-oauth2-server",
 	"description": "Complete, compliant and well tested module for implementing an OAuth2 Server/Provider with express in node.js",
-	"version": "1.2.0",
+	"version": "1.2.1",
 	"keywords": [
 		"oauth",
 		"oauth2"

test/oauth2server.token.js

@@ -315,7 +315,7 @@ describe('OAuth2Server.token()', function() {
 					getUser: function (uname, pword, callback) {
 						callback(false, { id: 1 });
 					},
-					generateToken: function (type, callback) {
+					generateToken: function (type, req, callback) {
 						callback(false, 'thommy');
 					},
 					saveAccessToken: function (accessToken, clientId, userId, expires, callback) {
@@ -337,6 +337,36 @@ describe('OAuth2Server.token()', function() {
 				.expect(/thommy/, 200, done);
 
 		});
+
+		it('should reissue if model returns object', function (done) {
+			var app = bootstrap({
+				model: {
+					getClient: function (id, secret, callback) {
+						callback(false, { client_id: id });
+					},
+					grantTypeAllowed: function (id, secret, callback) {
+						callback(false, true);
+					},
+					getUser: function (uname, pword, callback) {
+						callback(false, { id: 1 });
+					},
+					generateToken: function (type, req, callback) {
+						callback(false, { access_token: 'thommy' });
+					},
+					saveAccessToken: function (accessToken, clientId, userId, expires, callback) {
+						callback(new Error('Should not be saving'));
+					}
+				},
+				grants: ['password']
+			});
+
+			request(app)
+				.post('/oauth/token')
+				.set('Content-Type', 'application/x-www-form-urlencoded')
+				.send(validBody)
+				.expect(/thommy/, 200, done);
+
+		});
 	});
 
 	describe('saving access token', function () {