support for short lived refresh token in implicit flow

offlinehacker · offlinehacker · commit 1eea733ae3f9 · 2015-10-28T14:46:55.000+01:00
diff --git a/lib/authCodeGrant.js b/lib/authCodeGrant.js
@@ -44,7 +44,9 @@ var tokenFns = [
   checkClient,
   checkUserApproved,
   generateAccessToken,
+  generateRefreshToken,
   saveAccessToken,
+  saveRefreshToken,
   redirect
 ];
 
@@ -197,6 +199,19 @@ function generateAccessToken (done) {
   });
 }
 
+/* Generate refresh token
+ *
+ * @param  {Function} done
+ * @this   OAuth
+ */
+function generateRefreshToken (done) {
+  var self = this;
+  token(this, 'refreshToken', function (err, token) {
+    self.refreshToken = token;
+    done(err);
+  });
+}
+
 /**
  * Check client against model
  *
@@ -242,6 +257,34 @@ function saveAccessToken (done) {
   });
 }
 
+/**
+ * Save refresh token with model
+ *
+ * @param  {Function} done
+ * @this   OAuth
+ */
+function saveRefreshToken (done) {
+  var refreshToken = this.refreshToken;
+
+  // Object idicates a reissue
+  if (typeof refreshToken === 'object' && refreshToken.refreshToken) {
+    this.refreshToken = refreshToken.refreshToken;
+    return done();
+  }
+
+  var expires = null;
+  if (this.config.refreshTokenLifetime !== null) {
+    expires = new Date();
+    expires.setSeconds(expires.getSeconds() + this.config.implicitRefreshTokenLifetime);
+  }
+
+  this.model.saveRefreshToken(refreshToken, this.client.clientId, expires,
+      this.user, function (err) {
+    if (err) return done(error('server_error', false, err));
+    done();
+  });
+}
+
 /**
  * Check client against model
  *
@@ -255,7 +298,7 @@ function redirect (done) {
   if(this.responseType === 'code') {
     url = this.client.redirectUri + '?code=' + this.authCode;
   } else {
-    url = this.client.redirectUri + '?access_token=' + this.accessToken  +'&token_type=bearer';
+    url = this.client.redirectUri + '?access_token=' + this.accessToken + '&refresh_token=' + this.refreshToken + "&expires_in=" + this.config.accessTokenLifetime +'&token_type=bearer';
   }
 
   if(typeof this.req.body.state !== 'undefined') {
diff --git a/lib/oauth2server.js b/lib/oauth2server.js
@@ -49,6 +49,9 @@ function OAuth2Server (config) {
     config.implicitEnabled : false;
   this.refreshTokenLifetime = config.refreshTokenLifetime !== undefined ?
     config.refreshTokenLifetime : 1209600;
+  this.implicitRefreshTokenLifetime =
+    config.implicitRefreshTokenLifetime !== undefined ?
+    config.implicitRefreshTokenLifetime : 86400;
   this.authCodeLifetime = config.authCodeLifetime || 30;
 
   this.regex = {
