Skip to content

Commit

Permalink
Merge pull request transloadit#1668 from transloadit/acess-token-session
Browse files Browse the repository at this point in the history
companion: change oauth access token transport method
  • Loading branch information
ifedapoolarewaju authored Jun 17, 2019
2 parents 466d600 + 71451ee commit f8fdafc
Show file tree
Hide file tree
Showing 3 changed files with 10 additions and 2 deletions.
3 changes: 3 additions & 0 deletions src/config/grant.js
Original file line number Diff line number Diff line change
Expand Up @@ -2,17 +2,20 @@
module.exports = () => {
return {
google: {
transport: 'session',
scope: [
'https://www.googleapis.com/auth/drive.readonly'
],
callback: '/drive/callback'
},
dropbox: {
transport: 'session',
authorize_url: 'https://www.dropbox.com/oauth2/authorize',
access_url: 'https://api.dropbox.com/oauth2/token',
callback: '/dropbox/callback'
},
instagram: {
transport: 'session',
callback: '/instagram/callback'
}
}
Expand Down
3 changes: 1 addition & 2 deletions src/server/controllers/callback.js
Original file line number Diff line number Diff line change
Expand Up @@ -17,8 +17,7 @@ module.exports = function callback (req, res, next) {
req.uppy.providerTokens = {}
}

// TODO see if the access_token can be transported in a different way that url query params
req.uppy.providerTokens[providerName] = req.query.access_token
req.uppy.providerTokens[providerName] = req.session.grant.response.access_token
logger.debug(`Generating auth token for provider ${providerName}.`)
const uppyAuthToken = tokenService.generateToken(req.uppy.providerTokens, req.uppy.options.secret)
return res.redirect(req.uppy.buildURL(`/${providerName}/send-token?uppyAuthToken=${uppyAuthToken}`, true))
Expand Down
6 changes: 6 additions & 0 deletions test/mockserver.js
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,12 @@ const session = require('express-session')
var authServer = express()

authServer.use(session({ secret: 'grant', resave: true, saveUninitialized: true }))
authServer.all('*/callback', (req, res, next) => {
req.session.grant = {
response: { access_token: 'fake token' }
}
next()
})
authServer.all('/drive/send-token', (req, res, next) => {
req.session.grant = {
state: 'non-empty-value' }
Expand Down

0 comments on commit f8fdafc

Please sign in to comment.