Skip to content

Commit 305b037

Browse files
antigpflovilmart
antigp
authored and
flovilmart
committed
Vkontakte Auth: Change users.get to secure.checkToken (#2880)
* Change users.get to secure.checkToken You can't get user info by client token due vk restrictions. You must check token via secure.checkToken. * Configuration checks for vk auth. * Move config check to promise, remove debug log, add message to logger on error.
1 parent b88b0c5 commit 305b037

File tree

1 file changed

+27
-8
lines changed

1 file changed

+27
-8
lines changed

src/authDataManager/vkontakte.js

Lines changed: 27 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,28 +1,47 @@
11
'use strict';
22

33
// Helper functions for accessing the vkontakte API.
4+
45
var https = require('https');
56
var Parse = require('parse/node').Parse;
7+
var logger = require('../logger').default;
68

79
// Returns a promise that fulfills iff this user id is valid.
8-
function validateAuthData(authData) {
9-
return request("users.get?v=V&access_token=" + authData.access_token).then(function (response) {
10-
if (response && response.response && response.response[0].uid == authData.id) {
11-
return;
10+
function validateAuthData(authData, params) {
11+
return vkOAuth2Request(params).then(function (response) {
12+
if (response && response && response.access_token) {
13+
return request("api.vk.com", "method/secure.checkToken?token=" + authData.access_token + "&client_secret=" + params.appSecret + "&access_token=" + response.access_token).then(function (response) {
14+
if (response && response.response && response.response.user_id == authData.id) {
15+
return;
16+
}
17+
throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Vk auth is invalid for this user.');
18+
});
1219
}
13-
throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Vk auth is invalid for this user.');
20+
logger.error('Vk Auth', 'Vk appIds or appSecret is incorrect.');
21+
throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Vk appIds or appSecret is incorrect.');
1422
});
1523
}
1624

25+
function vkOAuth2Request(params) {
26+
var promise = new Parse.Promise();
27+
return promise.then(function(){
28+
if (!params || !params.appIds || !params.appIds.length || !params.appSecret || !params.appSecret.length ) {
29+
logger.error('Vk Auth', 'Vk auth is not configured. Missing appIds or appSecret.');
30+
throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Vk auth is not configured. Missing appIds or appSecret.');
31+
}
32+
return request("oauth.vk.com", "access_token?client_id=" + params.appIds + "&client_secret=" + params.appSecret + "&v=5.59&grant_type=client_credentials")
33+
})
34+
}
35+
1736
// Returns a promise that fulfills iff this app id is valid.
1837
function validateAppId() {
1938
return Promise.resolve();
2039
}
2140

2241
// A promisey wrapper for api requests
23-
function request(path) {
42+
function request(host, path) {
2443
return new Promise(function (resolve, reject) {
25-
https.get("https://api.vk.com/method/" + path, function (res) {
44+
https.get("https://" + host + "/" + path, function (res) {
2645
var data = '';
2746
res.on('data', function (chunk) {
2847
data += chunk;
@@ -40,4 +59,4 @@ function request(path) {
4059
module.exports = {
4160
validateAppId: validateAppId,
4261
validateAuthData: validateAuthData
43-
};
62+
};

0 commit comments

Comments
 (0)