verifier.update(data);
- console.log("I'm inside the exchange!");
-
if (verifier.verify(pub, utils.base64urlUnescape(signature), 'base64')) {
var accessToken = utils.generateUUID(),
accesshash,
return done(new Error("Invalid JWT header."));
}
- console.log();
-
if (!decodedClaimSet || decodedClaimSet.length < 5 || !decodedClaimSet.iss ||
!decodedClaimSet.scope || !decodedClaimSet.aud || !decodedClaimSet.exp ||
!decodedClaimSet.iat) {
return done(new Error("JWT has expired."));
}
- console.log("PRN:" + decodedClaimSet.prn);
-
// Validate decodedClaimSet.prn user and scopes.
if (client.get("delegatedAccess") && decodedClaimSet.prn) {
db.users.findByUsername(decodedClaimSet.prn, client.get("organization"), function (err, user) {
return done(new Error("Invalid JWT scope."));
}
- console.log("got this far");
-
// JWT is valid, create access token, save and return it.
// The accessToken is only valid for 1 hour and must be sent with each request to
server.authorization(function (clientID, redirectURI, scope, type, done) {
"use strict";
- console.log("in authorization");
-
// Get the org from the scope URI e.g. 'dev' from: 'https://mobile.xtuple.com/auth/dev'
scope = url.parse(scope[0], true);
var scopeOrg = scope.path.split("/")[1] || null;