pkg/oauth2/lib/src/handle_access_token_response.dart - Issue 11420025: Add a package for authenticating via OAuth2.

Side by Side Diff: pkg/oauth2/lib/src/handle_access_token_response.dart

Issue 11420025: Add a package for authenticating via OAuth2. (Closed) Base URL: https://dart.googlecode.com/svn/branches/bleeding_edge/dart

Patch Set: Misc fixes Created 8 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
(Empty)
	1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file

	2 // for details. All rights reserved. Use of this source code is governed by a

	3 // BSD-style license that can be found in the LICENSE file.

	4

	5 library handle_access_token_response;

	6

	7 import 'dart:io';

	8 import 'dart:json';

	9 import 'dart:uri';

	10

	11 import '../../../http/lib/http.dart' as http;

	12

	13 import 'credentials.dart';

	14 import 'authorization_exception.dart';

	15

	16 /// The amount of time, in seconds, to add as a "grace period" for credential

	17 /// expiration. This allows credential expiration checks to remain valid for a

	18 /// reasonable amount of time.

	19 final int _EXPIRATION_GRACE = 10;
	Bob Nystrom 2012/11/16 19:53:30 "final int" -> "const". "final int" -> "const". nweiz 2012/11/17 01:06:27 Done. Show quoted text On 2012/11/16 19:53:30, Bob Nystrom wrote: > "final int" -> "const". Done.
	20

	21 /// Handles a response from the authorization server that contains an access

	22 /// token. This response format is common across several different components of

	23 /// the OAuth2 flow.

	24 Credentials handleAccessTokenResponse(

	25 http.Response response,

	26 Uri tokenEndpoint,

	27 Date startTime,

	28 List<String> scopes) {

	29 if (response.statusCode != 200) _handleErrorResponse(response, tokenEndpoint);

	30

	31 var contentType = response.headers['content-type'];

	32 if (contentType != null) {

	33 contentType = new ContentType.fromString(contentType);

	34 }

	35 if (contentType == null \|\| contentType.value != "application/json") {

	36 throw new FormatException('Invalid OAuth response for '

	37 '"$tokenEndpoint": content-type was "$contentType", expected '

	38 '"application/json".');

	39 }

	40

	41 var parameters;

	42 try {

	43 parameters = JSON.parse(response.body);

	44 } catch (e) {
	Bob Nystrom 2012/11/16 19:53:30 Restrict this: } on FormatException catch (e) { Restrict this: } on FormatException catch (e) { You really don't want to catch NoSuchMethod or OutOfMemory here. :) nweiz 2012/11/17 01:06:27 JSON.parse doesn't throw a FormatException :-/. Show quoted text On 2012/11/16 19:53:30, Bob Nystrom wrote: > Restrict this: > > } on FormatException catch (e) { > > You really don't want to catch NoSuchMethod or OutOfMemory here. :) JSON.parse doesn't throw a FormatException :-/. Bob Nystrom 2012/11/19 21:37:10 Restrict it to a JSONParseException? We definitely Show quoted text On 2012/11/17 01:06:27, nweiz wrote: > On 2012/11/16 19:53:30, Bob Nystrom wrote: > > Restrict this: > > > > } on FormatException catch (e) { > > > > You really don't want to catch NoSuchMethod or OutOfMemory here. :) > > JSON.parse doesn't throw a FormatException :-/. Restrict it to a JSONParseException? We definitely don't want a catch-all here. nweiz 2012/11/19 22:20:11 It doesn't throw a JSONParseException either :-/. Show quoted text On 2012/11/19 21:37:10, Bob Nystrom wrote: > On 2012/11/17 01:06:27, nweiz wrote: > > On 2012/11/16 19:53:30, Bob Nystrom wrote: > > > Restrict this: > > > > > > } on FormatException catch (e) { > > > > > > You really don't want to catch NoSuchMethod or OutOfMemory here. :) > > > > JSON.parse doesn't throw a FormatException :-/. > > Restrict it to a JSONParseException? We definitely don't want a catch-all here. It doesn't throw a JSONParseException either :-/. It just throws a generic string error.
	45 throw new FormatException('Invalid OAuth response for '

	46 '"$tokenEndpoint": invalid JSON.\n\n${response.body}');
	Bob Nystrom 2012/11/16 19:53:30 How about a helper function for all of these throw How about a helper function for all of these throws: validate(bool condition, String message) { if (!condition) throw new FormatException('Invalid OAuth response for ' '"$tokenEndpoint": $message.\n\n${response.body}'); } nweiz 2012/11/17 01:06:27 Done. Show quoted text On 2012/11/16 19:53:30, Bob Nystrom wrote: > How about a helper function for all of these throws: > > validate(bool condition, String message) { > if (!condition) throw new FormatException('Invalid OAuth response for ' > '"$tokenEndpoint": $message.\n\n${response.body}'); > } Done.
	47 }

	48

	49 for (var requiredParameter in ['access_token', 'token_type']) {

	50 if (!parameters.containsKey(requiredParameter)) {

	51 throw new FormatException('Invalid OAuth response for '

	52 '"$tokenEndpoint": did not contain required parameter '

	53 '"$requiredParameter".\n\n${response.body}');

	54 } else if (parameters[requiredParameter] is! String) {

	55 throw new FormatException('Invalid OAuth response for '

	56 '"$tokenEndpoint": required parameter "$requiredParameter" was '

	57 'not a string, was "${parameters[requiredParameter]}".\n\n'

	58 '${response.body}');

	59 }

	60 }

	61

	62 // TODO(nweiz): support the "mac" token type

	63 // (http://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-01)

	64 if (parameters['token_type'].toLowerCase() != 'bearer') {

	65 throw new FormatException('Invalid OAuth response for '

	66 '"$tokenEndpoint": unknown token type '

	67 '"${parameters['token_type']}".\n\n${response.body}');

	68 }

	69

	70 var expiresIn = parameters['expires_in'];

	71 if (expiresIn != null && expiresIn is! int) {

	72 throw new FormatException('Invalid OAuth response for '

	73 '"$tokenEndpoint": parameter "expires_in" was not an int, was '

	74 '"$expiresIn".\n\n${response.body}');

	75 }

	76

	77 for (var name in ['refresh_token', 'scope']) {

	78 var value = parameters[name];

	79 if (value == null \|\| value is String) continue;

	80 throw new FormatException('Invalid OAuth response for "$tokenEndpoint": '

	81 'parameter "$name" was not a string, was "$value".\n\n'

	82 '${response.body}');

	83 }

	84

	85 var scope = parameters['scope'];

	86 if (scope != null) scopes = scope.split(" ");

	87

	88 var expiration = expiresIn == null ? null :

	89 startTime.add(new Duration(seconds: expiresIn - _EXPIRATION_GRACE));

	90

	91 return new Credentials(

	92 parameters['access_token'],

	93 parameters['refresh_token'],

	94 tokenEndpoint,

	95 scopes,

	96 expiration);

	97 }

	98

	99 /// Throws the appropriate exception for an error response from the

	100 /// authorization server.

	101 void _handleErrorResponse(http.Response response, Uri tokenEndpoint) {

	102 // OAuth2 mandates a 400 or 401 response code for access token error

	103 // responses. If it's not a 400 reponse, the server is either broken or

	104 // off-spec.

	105 if (response.statusCode != 400 && response.statusCode != 401) {

	106 var reason = '';

	107 if (response.reasonPhrase != null && !response.reasonPhrase.isEmpty) {

	108 ' ${response.reasonPhrase}';

	109 }

	110 throw new FormatException('OAuth request for "$tokenEndpoint" failed '

	111 'with status ${response.statusCode}$reason.\n\n${response.body}');

	112 }

	113

	114 var contentType = response.headers['content-type'];

	115 if (contentType != null) {

	116 contentType = new ContentType.fromString(contentType);

	117 }

	118 if (contentType == null \|\| contentType.value != "application/json") {

	119 throw new FormatException('Invalid OAuth response for "$tokenEndpoint": '

	120 'content-type was "$contentType", expected "application/json".');

	121 }

	122

	123 var parameters;

	124 try {

	125 parameters = JSON.parse(response.body);

	126 } catch (e) {

	127 throw new FormatException('Invalid OAuth response for '

	128 '"$tokenEndpoint": invalid JSON.\n\n${response.body}');

	129 }

	130

	131 if (!parameters.containsKey('error')) {

	132 throw new FormatException('Invalid OAuth response for "$tokenEndpoint": '

	133 'did not contain required parameter "error".\n\n${response.body}');

	134 } else if (parameters["error"] is! String) {

	135 throw new FormatException('Invalid OAuth response for "$tokenEndpoint": '

	136 'required parameter "error" was not a string, was '

	137 '"${parameters["error"]}"\n\n${response.body}.');

	138 }

	139

	140 for (var name in ['error_description', 'error_uri']) {

	141 var value = parameters[name];

	142 if (value == null \|\| value is String) continue;

	143 throw new FormatException('Invalid OAuth response for "$tokenEndpoint": '

	144 'parameter "$name" was not a string, was "$value".\n\n'

	145 '${response.body}');

	146 }

	147

	148 var description = parameters['error_description'];

	149 var uriString = parameters['error_uri'];

	150 var uri = uriString == null ? null : new Uri.fromString(uriString);

	151 throw new AuthorizationException(parameters['error'], description, uri);

	152 }

OLD	NEW

« pkg/oauth2/lib/src/credentials.dart ('K') | « pkg/oauth2/lib/src/credentials.dart ('k') | pkg/oauth2/lib/src/utils.dart » ('j') | pkg/oauth2/lib/src/utils.dart » ('J')