Skip to content

Commit

Permalink
companion: change oauth access token transport method
Browse files Browse the repository at this point in the history
ifedapoolarewaju committed Jun 15, 2019

Verified

This commit was signed with the committer’s verified signature.
Murderlon Merlijn Vos
1 parent a52e3f9 commit 942b867
Showing 3 changed files with 10 additions and 2 deletions.
3 changes: 3 additions & 0 deletions packages/@uppy/companion/src/config/grant.js
Original file line number Diff line number Diff line change
@@ -2,17 +2,20 @@
module.exports = () => {
return {
google: {
transport: 'session',
scope: [
'https://www.googleapis.com/auth/drive.readonly'
],
callback: '/drive/callback'
},
dropbox: {
transport: 'session',
authorize_url: 'https://www.dropbox.com/oauth2/authorize',
access_url: 'https://api.dropbox.com/oauth2/token',
callback: '/dropbox/callback'
},
instagram: {
transport: 'session',
callback: '/instagram/callback'
}
}
3 changes: 1 addition & 2 deletions packages/@uppy/companion/src/server/controllers/callback.js
Original file line number Diff line number Diff line change
@@ -17,8 +17,7 @@ module.exports = function callback (req, res, next) {
req.uppy.providerTokens = {}
}

// TODO see if the access_token can be transported in a different way that url query params
req.uppy.providerTokens[providerName] = req.query.access_token
req.uppy.providerTokens[providerName] = req.session.grant.response.access_token
logger.debug(`Generating auth token for provider ${providerName}.`)
const uppyAuthToken = tokenService.generateToken(req.uppy.providerTokens, req.uppy.options.secret)
return res.redirect(req.uppy.buildURL(`/${providerName}/send-token?uppyAuthToken=${uppyAuthToken}`, true))
6 changes: 6 additions & 0 deletions packages/@uppy/companion/test/mockserver.js
Original file line number Diff line number Diff line change
@@ -5,6 +5,12 @@ const session = require('express-session')
var authServer = express()

authServer.use(session({ secret: 'grant', resave: true, saveUninitialized: true }))
authServer.all('*/callback', (req, res, next) => {
req.session.grant = {
response: { access_token: 'fake token' }
}
next()
})
authServer.all('/drive/send-token', (req, res, next) => {
req.session.grant = {
state: 'non-empty-value' }

0 comments on commit 942b867

Please sign in to comment.