zP6FEKd6

1/*
2* Function is called by the provider itself. The cloud url that leads here
3* has been passed in as a callback url by the OAuth1Client.getRequestToken().
4* The data that comes with this request should contain the verifier code.
5* The verifier must be exchanged for the access token. Depending on the
6* success of failure of this process, the page with the communication
7* result is displayed to th user. The page is displayed in the browser,
8* as this is the last step of the browser login.
9*/
10    
11  getAccessToken : function(req, provider) {
12
13    var device_id = req.device_id;
14    var user_name = req.user_name;
15    var verifier = req.oauth_verifier;
16    var request_token = req.oauth_token;
17
18    var user = OAuthUsers
19        .queryUser(provider.provider_name, device_id, user_name);
20
21    //if the request does not hold the verifier parameter, display error page and return
22    if (!verifier) {
23
24      OAuthUsers
25          .denyUser(provider.provider_name, device_id || "", user_name || "");
26
27      $fh.log( {
28        message : 'Provider request verification error: ' + $fh
29            .stringify(res.verifier)
30      });
31      $response.setContentType('text/html');
32      $response
33          .setContent('<h2>Authentication Failed. You may close the browser.</h2>');
34      return {};
35
36    }
37
38    // specify parameters for the accet token request (timestamp and nonce are added later)
39    var params = [ [ 'oauth_consumer_key', provider.consumer_key ], [ 'oauth_version', '1.0' ], [ 'oauth_verifier', verifier ], [ 'oauth_token', request_token ]
40
41    ];
42
43    //call provider's API to receive the access token
44    var tokenReply = OAuth1Client
45        .call(provider, params, provider.access_token_url, user.request_token_secret);
46
47    $fh.log( {
48      message : 'Provider access token response: ' + $fh.stringify(tokenReply)
49    });
50
51    //parse access token response
52    var token = provider.parseAccessToken(tokenReply);
53
54    //if the request does not hold the access token, display error page and return
55    if (!token || token.error) {
56
57      OAuthUsers
58          .denyUser(provider.provider_name, device_id || "", user_name || "");
59
60      $fh.log( {
61        message : 'Provider access token error'
62      });
63      $response.setContentType('text/html');
64      $response
65          .setContent('<h2>Authentication Failed. You may close the browser.</h2>');
66      return {};
67
68    }
69    
70    //if access token received, display success page and update user details
71    OAuthUsers
72        .authorizeUserOAuth1(provider.provider_name, device_id, token.token.oauth_token, token.token.oauth_token_secret, user_name, token.token.username, token.token.userid);
73    $response.setContentType('text/html');
74    $response
75        .setContent('<h2>Thank you for authorizing our mobile application.</h2><p>Please close this window</p> ');
76    return {};
77
78  }