fix(model): support explicit client.id field in model methods

leaonline · Nov 1, 2024 · 1498fbf · 1498fbf
1 parent c6aed50
commit 1498fbf
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 5 deletions.
diff --git a/HISTORY.md b/HISTORY.md
@@ -5,6 +5,7 @@
 - added scope verification in authenticated routes
 - improved internal logging
 - fix bug in validation for custom models
+- fix support for explicit `client.id` field
 
 ## 5.0.0
 - sync support for @node-oauth/oauth2-server 5.x by

diff --git a/lib/model/meteor-model.js b/lib/model/meteor-model.js
@@ -111,7 +111,8 @@ export const saveAuthorizationCode = async (code, client, user) => {
     redirectUri,
     scope: code.scope,
     client: {
-      id: client.clientId
+      // xxx: fix for newer oauth2-server versions
+      id: client.id ?? client.clientId
     },
     user: {
       id: user.id

diff --git a/lib/model/model.js b/lib/model/model.js
@@ -67,6 +67,7 @@ class OAuthMeteorModel {
   async createClient ({ title, homepage, description, privacyLink, redirectUris, grants, clientId, secret }) {
     this.log(`createClient (${redirectUris})`)
     return createClient({
+      id: clientId, // xxx: fix for newer oauth2-server versions that explicitly check for .id presence
       title,
       homepage,
       description,

diff --git a/tests/oauth-tests.js b/tests/oauth-tests.js
@@ -292,7 +292,7 @@ describe('integration tests of OAuth2 workflows', function () {
           authorizationCode,
           expiresAt,
           redirectUri: clientDoc.redirectUris[0]
-        }, { client_id: clientDoc.clientId }, { id: user._id })
+        }, clientDoc, { id: user._id })
 
         const params = {
           code: authorizationCode,
@@ -317,7 +317,7 @@ describe('integration tests of OAuth2 workflows', function () {
           authorizationCode,
           expiresAt,
           redirectUri: clientDoc.redirectUris[0]
-        }, {}, { id: user._id })
+        }, clientDoc, { id: user._id })
 
         const params = {
           code: authorizationCode,
@@ -359,11 +359,13 @@ describe('integration tests of OAuth2 workflows', function () {
       it('issues an access token for a valid request', async () => {
         const authorizationCode = Random.id()
         const expiresAt = new Date(new Date().getTime() + 30000)
-        await authCodeServer.model.saveAuthorizationCode({
+        const code = {
           authorizationCode,
           expiresAt,
           redirectUri: clientDoc.redirectUris[0]
-        }, {}, { id: user._id })
+        }
+
+        await authCodeServer.model.saveAuthorizationCode(code, clientDoc, { id: user._id })
 
         const params = {
           code: authorizationCode,