forked from optune/meteor-auth0-oauth
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathauth0_client.js
93 lines (82 loc) · 2.65 KB
/
auth0_client.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
'use strict';
/**
* Define the base object namespace. By convention we use the service name
* in PascalCase (aka UpperCamelCase). Note that this is defined as a package global (boilerplate).
*/
Auth0 = {};
Accounts.oauth.registerService('auth0');
Meteor.loginWithAuth0 = function(options, callback) {
/**
* support (options, callback) and (callback)
*/
if (!callback && typeof options === "function") {
callback = options;
options = null;
}
/**
*
*/
var credentialRequestCompleteCallback = Accounts.oauth.credentialRequestCompleteHandler(callback);
Auth0.requestCredential(options, credentialRequestCompleteCallback);
};
/**
* Request Auth0 credentials for the user (boilerplate).
* Called from accounts-auth0.
*
* @param {Object} options Optional
* @param {Function} credentialRequestCompleteCallback Callback function to call on completion.
* Takes one argument, credentialToken on
* success, or Error on error.
*/
Auth0.requestCredential = function(options, credentialRequestCompleteCallback) {
/**
* Support both (options, callback) and (callback).
*/
if (!credentialRequestCompleteCallback && typeof options === 'function') {
credentialRequestCompleteCallback = options;
options = {};
} else if (!options) {
options = {};
}
/**
* Make sure we have a config object for subsequent use (boilerplate)
*/
const config = {
clientId: Meteor.settings.public.AUTH0_CLIENT_ID,
hostname: Meteor.settings.public.AUTH0_DOMAIN,
loginStyle: 'redirect',
};
/**
* Boilerplate
*/
const credentialToken = Random.secret();
const loginStyle = OAuth._loginStyle('auth0', config, options);
/**
* Imgur requires response_type and client_id
* We use state to roundtrip a random token to help protect against CSRF (boilerplate)
*/
let loginUrl = `https://${config.hostname}/authorize/` +
'?response_type=code' +
'&client_id=' + config.clientId +
'&state=' + OAuth._stateParam(loginStyle, credentialToken) +
'&scope=offline_access' +
// '&connection=facebook' +
`&redirect_uri=${Meteor.absoluteUrl('_oauth/auth0')}`
;
if (options.type) {
loginUrl = loginUrl + '#' + options.type;
}
/**
* Client initiates OAuth login request (boilerplate)
*/
OAuth.launchLogin({
loginService: 'auth0',
loginStyle: loginStyle,
loginUrl: loginUrl,
credentialRequestCompleteCallback: credentialRequestCompleteCallback,
credentialToken: credentialToken,
popupOptions: {
height: 600
}
});
};