Vkontakte Auth: Change users.get to secure.checkToken (#2880)
* Change users.get to secure.checkToken You can't get user info by client token due vk restrictions. You must check token via secure.checkToken. * Configuration checks for vk auth. * Move config check to promise, remove debug log, add message to logger on error.
This commit is contained in:
Eugene Antropov
committed by
Florent Vilmart
Florent Vilmart
parent
b88b0c578f
commit
305b037176
@@ -1,18 +1,37 @@
|
||||
'use strict';
|
||||
|
||||
// Helper functions for accessing the vkontakte API.
|
||||
|
||||
var https = require('https');
|
||||
var Parse = require('parse/node').Parse;
|
||||
var logger = require('../logger').default;
|
||||
|
||||
// Returns a promise that fulfills iff this user id is valid.
|
||||
function validateAuthData(authData) {
|
||||
return request("users.get?v=V&access_token=" + authData.access_token).then(function (response) {
|
||||
if (response && response.response && response.response[0].uid == authData.id) {
|
||||
function validateAuthData(authData, params) {
|
||||
return vkOAuth2Request(params).then(function (response) {
|
||||
if (response && response && response.access_token) {
|
||||
return request("api.vk.com", "method/secure.checkToken?token=" + authData.access_token + "&client_secret=" + params.appSecret + "&access_token=" + response.access_token).then(function (response) {
|
||||
if (response && response.response && response.response.user_id == authData.id) {
|
||||
return;
|
||||
}
|
||||
throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Vk auth is invalid for this user.');
|
||||
});
|
||||
}
|
||||
logger.error('Vk Auth', 'Vk appIds or appSecret is incorrect.');
|
||||
throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Vk appIds or appSecret is incorrect.');
|
||||
});
|
||||
}
|
||||
|
||||
function vkOAuth2Request(params) {
|
||||
var promise = new Parse.Promise();
|
||||
return promise.then(function(){
|
||||
if (!params || !params.appIds || !params.appIds.length || !params.appSecret || !params.appSecret.length ) {
|
||||
logger.error('Vk Auth', 'Vk auth is not configured. Missing appIds or appSecret.');
|
||||
throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Vk auth is not configured. Missing appIds or appSecret.');
|
||||
}
|
||||
return request("oauth.vk.com", "access_token?client_id=" + params.appIds + "&client_secret=" + params.appSecret + "&v=5.59&grant_type=client_credentials")
|
||||
})
|
||||
}
|
||||
|
||||
// Returns a promise that fulfills iff this app id is valid.
|
||||
function validateAppId() {
|
||||
@@ -20,9 +39,9 @@ function validateAppId() {
|
||||
}
|
||||
|
||||
// A promisey wrapper for api requests
|
||||
function request(path) {
|
||||
function request(host, path) {
|
||||
return new Promise(function (resolve, reject) {
|
||||
https.get("https://api.vk.com/method/" + path, function (res) {
|
||||
https.get("https://" + host + "/" + path, function (res) {
|
||||
var data = '';
|
||||
res.on('data', function (chunk) {
|
||||
data += chunk;
|
||||
|
||||
Reference in New Issue
Block a user