diff --git a/src/clients.js b/src/clients.js
index 10e7f94b6..9eb0dcae8 100644
--- a/src/clients.js
+++ b/src/clients.js
@@ -14,6 +14,8 @@ exports = module.exports = {
 addTokenByUserId: addTokenByUserId,
 delToken: delToken,
+ issueDeveloperToken: issueDeveloperToken,
+ addDefaultClients: addDefaultClients,
 // client type enums
@@ -27,11 +29,14 @@ var apps = require('./apps.js'),
 assert = require('assert'),
 async = require('async'),
 clientdb = require('./clientdb.js'),
+ constants = require('./constants.js'),
 DatabaseError = require('./databaseerror.js'),
 debug = require('debug')('box:clients'),
+ eventlog = require('./eventlog.js'),
 hat = require('hat'),
 accesscontrol = require('./accesscontrol.js'),
 tokendb = require('./tokendb.js'),
+ users = require('./users.js'),
 util = require('util'),
 uuid = require('uuid');
@@ -264,6 +269,23 @@ function addTokenByUserId(clientId, userId, expiresAt, callback) {
 });
 }
+// this issues a cid-cli token that does not require a password in various routes
+function issueDeveloperToken(userObject, ip, callback) {
+ assert.strictEqual(typeof userObject, 'object');
+ assert.strictEqual(typeof ip, 'string');
+ assert.strictEqual(typeof callback, 'function');
+
+ const expiresAt = Date.now() + constants.DEFAULT_TOKEN_EXPIRATION;
+
+ addTokenByUserId('cid-cli', userObject.id, expiresAt, function (error, result) {
+ if (error) return callback(error);
+
+ eventlog.add(eventlog.ACTION_USER_LOGIN, { authType: 'cli', ip: ip }, { userId: userObject.id, user: users.removePrivateFields(userObject) });
+
+ callback(null, result);
+ });
+}
+
 function delToken(clientId, tokenId, callback) {
 assert.strictEqual(typeof clientId, 'string');
 assert.strictEqual(typeof tokenId, 'string');
diff --git a/src/developer.js b/src/developer.js
deleted file mode 100644
index c513b5e7f..000000000
--- a/src/developer.js
+++ /dev/null
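Review bot: The scope of the token issued on the `addTokenByUserId('cid-cli', userObject.id, expiresAt, …)` line is no longer visible at the call site — the deleted src/developer.js passed accesscontrol.SCOPE_ANY to tokendb.add explicitly, whereas the scope addTokenByUserId grants is decided outside this hunk. Because the header comment says this token lets routes skip their password check, the issued scope is the security-relevant fact here and should be stated rather than left to the callee; I would replace the one-line comment with a short doc block saying that the caller must already have verified the password (and TOTP where enabled), that routes accept this client's tokens as proof of recent authentication, and naming the scope addTokenByUserId actually grants (SCOPE_ANY in the previous implementation — confirm). The bare `'cid-cli'` literal would also be better as a named constant shared with whichever routes special-case that client id, since a typo on either side silently changes which tokens bypass the password check. Separately, the first hunk exports addDefaultClients but no definition of it appears in this diff — presumably it already exists further down the file; worth confirming.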
@@ -1,56 +0,0 @@
-/* jslint node: true */
-
-'use strict';
-
-exports = module.exports = {
- DeveloperError: DeveloperError,
-
- issueDeveloperToken: issueDeveloperToken
-};
-
-var accesscontrol = require('./accesscontrol.js'),
- assert = require('assert'),
- constants = require('./constants.js'),
- eventlog = require('./eventlog.js'),
- tokendb = require('./tokendb.js'),
- users = require('./users.js'),
- util = require('util');
-
-function DeveloperError(reason, errorOrMessage) {
- assert.strictEqual(typeof reason, 'string');
- assert(errorOrMessage instanceof Error || typeof errorOrMessage === 'string' || typeof errorOrMessage === 'undefined');
-
- Error.call(this);
- Error.captureStackTrace(this, this.constructor);
-
- this.name = this.constructor.name;
- this.reason = reason;
- if (typeof errorOrMessage === 'undefined') {
- this.message = reason;
- } else if (typeof errorOrMessage === 'string') {
- this.message = errorOrMessage;
- } else {
- this.message = 'Internal error';
- this.nestedError = errorOrMessage;
- }
-}
-util.inherits(DeveloperError, Error);
-DeveloperError.INTERNAL_ERROR = 'Internal Error';
-DeveloperError.EXTERNAL_ERROR = 'External Error';
-
-function issueDeveloperToken(userObject, ip, callback) {
- assert.strictEqual(typeof userObject, 'object');
- assert.strictEqual(typeof ip, 'string');
- assert.strictEqual(typeof callback, 'function');
-
- var token = tokendb.generateToken();
- var expiresAt = Date.now() + constants.DEFAULT_TOKEN_EXPIRATION;
-
- tokendb.add(token, userObject.id, 'cid-cli', expiresAt, accesscontrol.SCOPE_ANY, function (error) {
- if (error) return callback(new DeveloperError(DeveloperError.INTERNAL_ERROR, error));
-
- eventlog.add(eventlog.ACTION_USER_LOGIN, { authType: 'cli', ip: ip }, { userId: userObject.id, user: users.removePrivateFields(userObject) });
-
- callback(null, { token: token, expiresAt: new Date(expiresAt).toISOString() });
- });
-}
diff --git a/src/routes/developer.js b/src/routes/developer.js
index 9df5e279b..f752f6a0e 100644
--- a/src/routes/developer.js
+++ b/src/routes/developer.js
@@ -4,7 +4,7 @@ exports = module.exports = {
 login: login
 };
-var developer = require('../developer.js'),
+var clients = require('../clients.js'),
 passport = require('passport'),
 HttpError = require('connect-lastmile').HttpError,
 HttpSuccess = require('connect-lastmile').HttpSuccess,
@@ -24,10 +24,10 @@ function login(req, res, next) {
 if (!verified) return next(new HttpError(401, 'Invalid totpToken'));
 }
- developer.issueDeveloperToken(user, ip, function (error, result) {
+ clients.issueDeveloperToken(user, ip, function (error, result) {
 if (error) return next(new HttpError(500, error));
- next(new HttpSuccess(200, { token: result.token, expiresAt: result.expiresAt }));
+ next(new HttpSuccess(200, result));
 });
 })(req, res, next);
 }
diff --git a/src/routes/test/developer-test.js b/src/routes/test/developer-test.js
index 8d5e7e659..1061fb8b8 100644
--- a/src/routes/test/developer-test.js
+++ b/src/routes/test/developer-test.js
@@ -134,8 +134,8 @@ describe('Developer API', function () {
 .send({ username: USERNAME, password: PASSWORD })
 .end(function (error, result) {
 expect(result.statusCode).to.equal(200);
- expect(new Date(result.body.expiresAt).toString()).to.not.be('Invalid Date');
- expect(result.body.token).to.be.a('string');
+ expect(new Date(result.body.expires).toString()).to.not.be('Invalid Date');
+ expect(result.body.accessToken).to.be.a('string');
 done();
 });
 });
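Review bot: The unchanged `if (error) return next(new HttpError(500, error));` line now forwards the raw error coming out of clients.addTokenByUserId, whereas the deleted src/developer.js wrapped it in a DeveloperError whose message was fixed to 'Internal error' when a nested error was present, so depending on how connect-lastmile's HttpError renders an Error argument the underlying database error text may now reach the HTTP client; `if (error) return next(new HttpError(500, 'Internal error'));` keeps the response generic. The new `next(new HttpSuccess(200, result))` also drops the explicit field whitelist the old line had — if the object addTokenByUserId returns ever carries more than the accessToken/expires fields the updated tests read (its shape is not visible here), those extra fields go straight to the client, so `next(new HttpSuccess(200, { accessToken: result.accessToken, expires: result.expires }));` is the safer form. Renaming the response keys from token/expiresAt to accessToken/expires is a breaking change for any existing cid-cli install and deserves a mention in the commit message. The login function starts outside this hunk.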
@@ -145,8 +145,8 @@ describe('Developer API', function () {
 .send({ username: USERNAME.toUpperCase(), password: PASSWORD })
 .end(function (error, result) {
 expect(result.statusCode).to.equal(200);
- expect(new Date(result.body.expiresAt).toString()).to.not.be('Invalid Date');
- expect(result.body.token).to.be.a('string');
+ expect(new Date(result.body.expires).toString()).to.not.be('Invalid Date');
+ expect(result.body.accessToken).to.be.a('string');
 done();
 });
 });
@@ -156,8 +156,8 @@ describe('Developer API', function () {
 .send({ username: EMAIL, password: PASSWORD })
 .end(function (error, result) {
 expect(result.statusCode).to.equal(200);
- expect(new Date(result.body.expiresAt).toString()).to.not.be('Invalid Date');
- expect(result.body.token).to.be.a('string');
+ expect(new Date(result.body.expires).toString()).to.not.be('Invalid Date');
+ expect(result.body.accessToken).to.be.a('string');
 done();
 });
 });
@@ -167,8 +167,8 @@ describe('Developer API', function () {
 .send({ username: EMAIL.toUpperCase(), password: PASSWORD })
 .end(function (error, result) {
 expect(result.statusCode).to.equal(200);
- expect(new Date(result.body.expiresAt).toString()).to.not.be('Invalid Date');
- expect(result.body.token).to.be.a('string');
+ expect(new Date(result.body.expires).toString()).to.not.be('Invalid Date');
+ expect(result.body.accessToken).to.be.a('string');
 done();
 });
 });
@@ -187,7 +187,7 @@ describe('Developer API', function () {
 },
 function (callback) {
 superagent.post(`${SERVER_URL}/api/v1/developer/login`).send({ username: USERNAME, password: PASSWORD }).end(function (error, result) {
- accessToken = result.body.token;
+ accessToken = result.body.accessToken;
 callback(error);
 });
 },
@@ -245,7 +245,7 @@ describe('Developer API', function () {
 expect(error).to.be(null);
 expect(result.statusCode).to.equal(200);
 expect(result.body).to.be.an(Object);
- expect(result.body.token).to.be.a('string');
+ expect(result.body.accessToken).to.be.a('string');
 done();
 });
 });
@@ -264,16 +264,16 @@ describe('Developer API', function () {
 .end(function (error, result) {
 expect(result).to.be.ok();
- token_normal = result.body.token;
+ token_normal = result.body.accessToken;
 superagent.post(SERVER_URL + '/api/v1/developer/login')
 .send({ username: USERNAME, password: PASSWORD })
 .end(function (error, result) {
 expect(result.statusCode).to.equal(200);
- expect(new Date(result.body.expiresAt).toString()).to.not.be('Invalid Date');
- expect(result.body.token).to.be.a('string');
+ expect(new Date(result.body.expires).toString()).to.not.be('Invalid Date');
+ expect(result.body.accessToken).to.be.a('string');
- token_sdk = result.body.token;
+ token_sdk = result.body.accessToken;
 callback();
 });
@@ -286,7 +286,7 @@ describe('Developer API', function () {
 it('fails with non sdk token', function (done) {
 superagent.post(SERVER_URL + '/api/v1/user/profile/password').query({ access_token: token_normal }).send({ newPassword: 'Some?$123' }).end(function (error, result) {
- expect(result.statusCode).to.equal(400);
+ expect(result.statusCode).to.equal(401);
 done();
 });
 });
diff --git a/src/routes/test/oauth2-test.js b/src/routes/test/oauth2-test.js
index 5f182cb65..430c38522 100644
--- a/src/routes/test/oauth2-test.js
+++ b/src/routes/test/oauth2-test.js
@@ -596,7 +596,7 @@ describe('OAuth2', function () {
 setup,
 function (callback) {
 superagent.post(`${SERVER_URL}/api/v1/developer/login`).send({ username: USER_0.username, password: USER_0.password }).end(function (error, result) {
- accessToken = result.body.token;
+ accessToken = result.body.accessToken;
 callback(error);
 });
 },