feat(baseConfig): replace both tokenPrefix options with `tokenStora…

…ge` (breaking) BREAKING CHANGE: Token prefixes were using another 'unrelated' option to make up the full storage keys. This was unnecessary, confusing and could have resulted in the same storage location being shared between both the refresh and access tokens. README updated to reflect current design.
SpoonX · Apr 9, 2016 · 4f98493 · 4f98493
1 parent ab4756f
commit 4f98493
Show file tree

Hide file tree

Showing 3 changed files with 82 additions and 64 deletions.
diff --git a/README.md b/README.md
@@ -315,29 +315,16 @@ unlinkUrl: '/auth/unlink/',
 // The HTTP method used for 'unlink' requests (Options: 'get' or 'post')
 unlinkMethod: 'get',
 
-// Refresh Token Options
-// =====================
-
-// Option to turn refresh tokens On/Off
-useRefreshToken: false,
-// The option to enable/disable the automatic refresh of Auth tokens using Refresh Tokens
-autoUpdateToken: true,
-// This allows the refresh token to be a further object deeper `{ "responseTokenProp": { "refreshTokenRoot" : { "tokenName" : '...' } } }`
-refreshTokenRoot: false,
-// This is the property from which to get the token `{ "responseTokenProp": { "refreshTokenName" : '...' } }`
-refreshTokenName: 'refresh_token',
-// Prepended to the `refreshTokenName` when kept in storage (nothing to do with)
-refreshTokenPrefix: 'aurelia',
-// Oauth Client Id
-clientId: false,
 
-// Token Related options
-// =====================
+// Token Options
+// =============
 
 // The header property used to contain the authToken in the header of API requests that require authentication
 authHeader: 'Authorization',
 // The token name used in the header of API requests that require authentication
 authToken: 'Bearer',
+// The property name used when storing the token locally
+tokenStorage: 'aurelia_access_token',
 // The the property from which to get the authentication token after a successful login or signup
 responseTokenProp: 'access_token',
 
@@ -350,6 +337,27 @@ tokenName: 'token',
 tokenRoot: false,
 
 
+// Refresh Token Options
+// =====================
+
+// Option to turn refresh tokens On/Off
+useRefreshToken: false,
+// The option to enable/disable the automatic refresh of Auth tokens using Refresh Tokens
+autoUpdateToken: true,
+// Oauth Client Id
+clientId: false,
+// The property name used when storing the refresh token locally
+refreshTokenStorage: 'aurelia_refresh_token',
+
+// If `refresh_token` is an object:
+// ------------------------------------------------------------
+
+// This is the property from which to get the token `{ "refresh_token": { "refreshTokenName" : '...' } }`
+refreshTokenName: 'refresh_token',
+// This allows the refresh token to be a further object deeper `{ "refresh_token": { "refreshTokenRoot" : { "refreshTokenName" : '...' } } }`
+refreshTokenRoot: false,
+
+
 // Miscellaneous Options
 // =====================
 
@@ -362,8 +370,6 @@ withCredentials: true,
 platform: 'browser',
 // Determines the `window` property name upon which aurelia-authentication data is stored (Default: `window.localStorage`)
 storage: 'localStorage',
-// Prepended to the `tokenName` when kept in storage (nothing to do with)
-tokenPrefix: 'aurelia',
 
 
 // OAuth provider specific related configuration
@@ -450,6 +456,18 @@ providers: {
     display: 'popup',
     type: '2.0',
     popupOptions: { width: 500, height: 560 }
+  },
+  instagram: {
+    name: 'instagram',
+    url: '/auth/instagram',
+    authorizationEndpoint: 'https://api.instagram.com/oauth/authorize',
+    redirectUri: window.location.origin || window.location.protocol + '//' + window.location.host,
+    requiredUrlParams: ['scope'],
+    scope: ['basic'],
+    scopeDelimiter: '+',
+    display: 'popup',
+    type: '2.0',
+    popupOptions: { width: 550, height: 369 }
   }
 }
 ```

diff --git a/src/authentication.js b/src/authentication.js
@@ -10,14 +10,6 @@ export class Authentication {
     this.config  = config.current;
   }
 
-  get refreshTokenName() {
-    return authUtils.addTokenPrefix(this.config.refreshTokenPrefix, this.config.refreshTokenName);
-  }
-
-  get tokenName() {
-    return authUtils.addTokenPrefix(this.config.tokenPrefix, this.config.tokenName);
-  }
-
   getLoginRoute() {
     return this.config.loginRoute;
   }
@@ -39,15 +31,15 @@ export class Authentication {
   }
 
   getToken() {
-    return this.storage.get(this.tokenName);
+    return this.storage.get(this.config.tokenStorage);
   }
 
   getRefreshToken() {
-    return this.storage.get(this.refreshTokenName);
+    return this.storage.get(this.config.refreshTokenStorage);
   }
 
   getPayload() {
-    let token = this.storage.get(this.tokenName);
+    let token = this.storage.get(this.config.tokenStorage);
 
     if (token && token.split('.').length === 3) {
       let base64Url = token.split('.')[1];
@@ -61,7 +53,6 @@ export class Authentication {
   }
 
   setTokenFromResponse(response, redirect) {
-    let tokenName   = this.tokenName;
     let accessToken = response && response[this.config.responseTokenProp];
     let token;
 
@@ -74,16 +65,20 @@ export class Authentication {
     }
 
     if (!token && response) {
-      token = this.config.tokenRoot && response[this.config.tokenRoot] ? response[this.config.tokenRoot][this.config.tokenName] : response[this.config.tokenName];
+      token = this.config.tokenRoot && response[this.config.tokenRoot]
+        ? response[this.config.tokenRoot][this.config.tokenName]
+        : response[this.config.tokenName];
     }
 
     if (!token) {
-      let tokenPath = this.config.tokenRoot ? this.config.tokenRoot + '.' + this.config.tokenName : this.config.tokenName;
+      let tokenPath = this.config.tokenRoot
+        ? this.config.tokenRoot + '.' + this.config.tokenName
+        : this.config.tokenName;
 
       throw new Error('Expecting a token named "' + tokenPath + '" but instead got: ' + JSON.stringify(response));
     }
 
-    this.storage.set(tokenName, token);
+    this.storage.set(this.config.tokenStorage, token);
 
     if (this.config.loginRedirect && !redirect) {
       window.location.href = this.config.loginRedirect;
@@ -93,9 +88,7 @@ export class Authentication {
   }
 
   setRefreshTokenFromResponse(response) {
-    let refreshTokenName = this.refreshTokenName;
-    let refreshToken     = response && response.refresh_token;
-    let refreshTokenPath;
+    let refreshToken = response && response.refresh_token;
     let token;
 
     if (refreshToken) {
@@ -111,27 +104,28 @@ export class Authentication {
         ? response[this.config.refreshTokenRoot][this.config.refreshTokenName]
         : response[this.config.refreshTokenName];
     }
+
     if (!token) {
-      refreshTokenPath = this.config.refreshTokenRoot
+      let refreshTokenPath = this.config.refreshTokenRoot
         ? this.config.refreshTokenRoot + '.' + this.config.refreshTokenName
         : this.config.refreshTokenName;
 
       throw new Error('Expecting a refresh token named "' + refreshTokenPath + '" but instead got: ' + JSON.stringify(response.content));
     }
 
-    this.storage.set(refreshTokenName, token);
+    this.storage.set(this.config.refreshTokenStorage, token);
   }
 
   removeToken() {
-    this.storage.remove(this.tokenName);
+    this.storage.remove(this.config.tokenStorage);
   }
 
   removeRefreshToken() {
-    this.storage.remove(this.refreshTokenName);
+    this.storage.remove(this.config.refreshTokenStorage);
   }
 
   isAuthenticated() {
-    let token = this.storage.get(this.tokenName);
+    let token = this.storage.get(this.config.tokenStorage);
 
     // There's no token, so user is not authenticated.
     if (!token) {
@@ -173,8 +167,8 @@ export class Authentication {
 
   logout(redirect) {
     return new Promise(resolve => {
-      this.storage.remove(this.tokenName);
-      this.storage.remove(this.refreshTokenName);
+      this.storage.remove(this.config.tokenStorage);
+      this.storage.remove(this.config.refreshTokenStorage);
 
       if (this.config.logoutRedirect && !redirect) {
         window.location.href = this.config.logoutRedirect;

diff --git a/src/baseConfig.js b/src/baseConfig.js
@@ -55,29 +55,16 @@ export class BaseConfig {
       // The HTTP method used for 'unlink' requests (Options: 'get' or 'post')
       unlinkMethod: 'get',
 
-      // Refresh Token Options
-      // =====================
-
-      // Option to turn refresh tokens On/Off
-      useRefreshToken: false,
-      // The option to enable/disable the automatic refresh of Auth tokens using Refresh Tokens
-      autoUpdateToken: true,
-      // This allows the refresh token to be a further object deeper `{ "responseTokenProp": { "refreshTokenRoot" : { "tokenName" : '...' } } }`
-      refreshTokenRoot: false,
-      // This is the property from which to get the token `{ "responseTokenProp": { "refreshTokenName" : '...' } }`
-      refreshTokenName: 'refresh_token',
-      // Prepended to the `refreshTokenName` when kept in storage (nothing to do with)
-      refreshTokenPrefix: 'aurelia',
-      // Oauth Client Id
-      clientId: false,
 
-      // Token Related options
-      // =====================
+      // Token Options
+      // =============
 
       // The header property used to contain the authToken in the header of API requests that require authentication
       authHeader: 'Authorization',
       // The token name used in the header of API requests that require authentication
       authToken: 'Bearer',
+      // The property name used when storing the token locally
+      tokenStorage: 'aurelia_access_token',
       // The the property from which to get the authentication token after a successful login or signup
       responseTokenProp: 'access_token',
 
@@ -90,6 +77,27 @@ export class BaseConfig {
       tokenRoot: false,
 
 
+      // Refresh Token Options
+      // =====================
+
+      // Option to turn refresh tokens On/Off
+      useRefreshToken: false,
+      // The option to enable/disable the automatic refresh of Auth tokens using Refresh Tokens
+      autoUpdateToken: true,
+      // Oauth Client Id
+      clientId: false,
+      // The property name used when storing the refresh token locally
+      refreshTokenStorage: 'aurelia_refresh_token',
+
+      // If `refresh_token` is an object:
+      // ------------------------------------------------------------
+
+      // This is the property from which to get the token `{ "refresh_token": { "refreshTokenName" : '...' } }`
+      refreshTokenName: 'refresh_token',
+      // This allows the refresh token to be a further object deeper `{ "refresh_token": { "refreshTokenRoot" : { "refreshTokenName" : '...' } } }`
+      refreshTokenRoot: false,
+
+
       // Miscellaneous Options
       // =====================
 
@@ -100,10 +108,8 @@ export class BaseConfig {
       withCredentials: true,
       // Controls how the popup is shown for different devices (Options: 'browser' or 'mobile')
       platform: 'browser',
-      // Determines the `window` property name upon which aurelia-auth data is stored (Default: `window.localStorage`)
+      // Determines the `window` property name upon which aurelia-authentication data is stored (Default: `window.localStorage`)
       storage: 'localStorage',
-      // Prepended to the `tokenName` when kept in storage (nothing to do with)
-      tokenPrefix: 'aurelia',
 
 
       //OAuth provider specific related configuration