// Authorization callback
// Excerpt from inside an async handler (the enclosing function is not shown).
// It processes the provider's redirect back to the application: the query
// string must carry oauth_verifier and the request must carry the state cookie.
if (!request.query.oauth_verifier) {
return h.unauthenticated(Boom.internal('Missing verifier parameter in ' + name + ' authorization response'), { credentials });
}
// State saved under the cookie name; presumably written during sign-in
// initialization (not shown here). Without it the request is handed to
// internals.refreshRedirect instead of continuing the token exchange.
const state = request.state[cookie];
if (!state) {
return internals.refreshRedirect(request, name, protocol, settings, credentials, h);
}
credentials.query = state.query;
// The state cookie is cleared before the comparison below, so it is removed
// on both the match and the mismatch path.
h.unstate(cookie);
// The oauth_token echoed in the query string must equal the token held in the
// state cookie; a callback that carries a different request token is rejected.
if (request.query.oauth_token !== state.token) {
return h.unauthenticated(Boom.internal(name + ' authorized request token mismatch'), { credentials });
}
// Obtain token OAuth credentials
// The token and secret come from the state cookie, the verifier from the query string.
// `var` keeps `token` visible after the try block.
try {
var { payload: token } = await client.token(state.token, request.query.oauth_verifier, state.secret);
}
catch (err) {
// The error from client.token is passed through unchanged as the authentication failure.
return h.unauthenticated(err, { credentials });
}
// Copy the token and token secret from the response onto the credentials object.
credentials.token = token.oauth_token;
credentials.secret = token.oauth_token_secret;
if (!settings.provider.profile ||
settings.skipProfile) {
catch (err) {
return h.unauthenticated(Boom.internal('Failed obtaining ' + name + ' access token', err), { credentials });
}
// Excerpt: `tokenRes` and `payload` are assigned by code that is not shown.
// Any status outside 200-299 from the access token endpoint fails authentication.
// NOTE(review): the raw endpoint payload is attached to the Boom error as data;
// confirm that whatever logs this error treats that body as untrusted and
// possibly sensitive.
if (tokenRes.statusCode < 200 ||
tokenRes.statusCode > 299) {
return h.unauthenticated(Boom.internal('Failed obtaining ' + name + ' access token', payload), { credentials });
}
try {
payload = internals.parse(payload);
}
catch (err) {
// Bounce.rethrow re-throws system-class errors so they are not reported as an
// invalid payload; other parse failures end as unauthenticated.
Bounce.rethrow(err, 'system');
return h.unauthenticated(Boom.internal('Received invalid payload from ' + name + ' access token endpoint', payload), { credentials });
}
// Fields are copied as received; nothing here checks that access_token is present.
credentials.token = payload.access_token;
credentials.refreshToken = payload.refresh_token;
credentials.expiresIn = payload.expires_in;
// With no profile function configured, or with skipProfile set, authentication
// completes here. The artifacts carry the whole parsed token response, tokens included.
if (!settings.provider.profile || settings.skipProfile) {
return h.authenticated({ credentials, artifacts: payload });
}
// Obtain user profile
const get = async (uri, params = {}) => {
const getOptions = {
headers: {
// Excerpt from the start of a handler (enclosing function not shown): reads the
// cookie name and provider name from settings and resolves the request protocol.
const cookie = settings.cookie;
const name = settings.name;
const protocol = internals.getProtocol(request, settings);
// Prepare credentials
// The credentials object starts with only the provider name and is filled in later.
const credentials = {
provider: name
};
// Bail if the upstream service returns an error
// Either `error=access_denied` or any truthy `denied` query parameter ends the flow.
if (request.query.error === 'access_denied' ||
request.query.denied) {
return h.unauthenticated(Boom.internal('Application rejected'), { credentials });
}
// Error if not https but cookie is secure
// Presumably because a cookie marked Secure is not sent back over plain http,
// so the state could not be read on the callback - TODO confirm.
if (protocol !== 'https' &&
settings.isSecure) {
return h.unauthenticated(Boom.internal('Invalid setting - isSecure must be set to false for non-https server'), { credentials });
}
// Sign-in Initialization
if (!request.query.oauth_token) {
credentials.query = request.query;
// Obtain temporary OAuth credentials
// Excerpt from the start of a handler (enclosing function not shown): reads the
// cookie name and provider name from settings and resolves the request protocol.
const cookie = settings.cookie;
const name = settings.name;
const protocol = internals.getProtocol(request, settings);
// Prepare credentials
// The credentials object starts with only the provider name and is filled in later.
const credentials = {
provider: name
};
// Bail if the upstream service returns an error
// Either `error=access_denied` or any truthy `denied` query parameter ends the flow.
// NOTE(review): error_description and denied are taken from the query string
// unmodified and interpolated into the error message; treat that message as
// untrusted text wherever it is logged or displayed.
if (request.query.error === 'access_denied' ||
request.query.denied) {
return h.unauthenticated(Boom.internal(`App rejected: ${request.query.error_description || request.query.denied || 'No information provided'}`), { credentials });
}
// Error if not https but cookie is secure
// Presumably because a cookie marked Secure is not sent back over plain http,
// so the state could not be read on the callback - TODO confirm.
if (protocol !== 'https' &&
settings.isSecure) {
return h.unauthenticated(Boom.internal('Invalid setting - isSecure must be set to false for non-https server'), { credentials });
}
// Sign-in Initialization
if (!request.query.code) {
credentials.query = request.query;
const nonce = Cryptiles.randomString(internals.nonceLength);
if (res) {
return { res: { statusCode: 200 }, payload: JSON.stringify(res) };
}
team.attend();
return { res: { statusCode: 200 }, payload: '{"x":1}' };
}
if (payload instanceof Error) {
const statusCode = (payload && payload.output ? payload.output.statusCode : 400);
return { res: { statusCode }, payload: JSON.stringify({ message: payload.message }) };
}
if (payload === null) {
throw Boom.internal('unknown');
}
return { res: { statusCode: 200 }, payload: typeof payload === 'string' ? payload : JSON.stringify(payload) };
}
return internals.wreck[method](dest, ...args);
};
};
paginate: function (response, totalCount, options) {
// Body of paginate(response, totalCount, options); the rest of the function is not shown.
// A missing options argument is replaced with an empty object.
options = options || {};
const key = options.key;
// An array response cannot be combined with a results key...
if (Array.isArray(response) && key) {
throw Boom.internal('Object required with results key')
}
// ...and a non-array response needs one.
if (!Array.isArray(response) && !key) {
throw Boom.internal('Missing results key');
}
// Any falsy value under the key is rejected, not only a missing property.
// NOTE(review): the message has no space between the key and 'does not exists',
// and the key text is placed in the error message unmodified.
if (key && !response[key]) {
throw Boom.internal('key: ' + key + 'does not exists on response');
}
const results = key ? response[key] : response;
// Removes the results property from the object the caller passed in (mutates it).
if (key) {
delete response[key];
}
// When meta is configured for headers, the total is sent in the 'total-count' header.
if (config.meta.location === 'header') {
return this.response(results).header('total-count', totalCount);
}
return this.response({
/**
 * Registration handler: passes name, email and password from the request body
 * to service.create and answers 201 with the created user.
 *
 * An error named 'EmailIsTakenError' is forwarded as a 409 conflict carrying
 * the error's own message; every other error is forwarded through boom.internal.
 *
 * NOTE(review): the body fields reach service.create without any validation in
 * this handler, and `user` is returned exactly as the service produced it;
 * confirm the service validates input and returns no password hash.
 * NOTE(review): the 409 tells the caller that the address is already
 * registered; confirm that disclosure is acceptable for this route.
 * NOTE(review): req.body is read outside the try block, so a missing body
 * throws before any error is forwarded to next.
 */
register: async (req, res, next) => {
  const { name, email, password } = req.body;

  try {
    const created = await service.create(name, email, password);
    const reply = { success: true, user: created };
    return res.status(201).json(reply);
  } catch (failure) {
    const wrapped =
      failure.name === 'EmailIsTakenError'
        ? boom.conflict(failure.message)
        : boom.internal(failure);
    return next(wrapped);
  }
},
login: async (req, res, next) => {
};
// Excerpt from the end of a profile-fetch helper; `params`, `getOptions` and
// `uri` are set up by code that is not shown.
// Configured profile parameters and provider headers are merged into the
// request's params and headers (Hoek.merge modifies its first argument).
if (settings.profileParams) {
Hoek.merge(params, settings.profileParams);
}
if (settings.provider.headers) {
Hoek.merge(getOptions.headers, settings.provider.headers);
}
// The query string is appended only when there is at least one parameter.
const getQuery = (Object.keys(params).length ? '?' + internals.queryString(params) : '');
// The Wreck method is selected by settings.provider.profileMethod.
// `var` keeps `res` and `response` visible after the try block.
try {
var { res, payload: response } = await Wreck[settings.provider.profileMethod](uri + getQuery, getOptions);
}
catch (err) {
throw Boom.internal('Failed obtaining ' + name + ' user profile', err);
}
// Only an exact 200 is accepted from the profile endpoint.
// NOTE(review): the raw response body is attached to the Boom error as data;
// confirm error logging treats it as untrusted and possibly personal data.
if (res.statusCode !== 200) {
throw Boom.internal('Failed obtaining ' + name + ' user profile', response);
}
try {
response = internals.parse(response);
}
catch (err) {
// Bounce.rethrow re-throws system-class errors so they are not reported as an
// invalid payload.
Bounce.rethrow(err, 'system');
throw Boom.internal('Received invalid payload from ' + name + ' user profile', response);
}
return response;
};
paginate: function (response, totalCount, options) {
// Body of paginate(response, totalCount, options); the rest of the function is not shown.
// A missing options argument is replaced with an empty object.
options = options || {};
const key = options.key;
// An array response cannot be combined with a results key...
if (Array.isArray(response) && key) {
throw Boom.internal('Object required with results key')
}
// ...and a non-array response needs one.
if (!Array.isArray(response) && !key) {
throw Boom.internal('Missing results key');
}
// Any falsy value under the key is rejected, not only a missing property.
// NOTE(review): the message has no space between the key and 'does not exists',
// and the key text is placed in the error message unmodified.
if (key && !response[key]) {
throw Boom.internal('key: ' + key + 'does not exists on response');
}
const results = key ? response[key] : response;
// Removes the results property from the object the caller passed in (mutates it).
if (key) {
delete response[key];
}
if (config.meta.location === 'header') {
/**
 * Looks up the names of the wilayas adjacent to the one identified by the
 * `matricule` route parameter, in the language given by the `lang` route
 * parameter, and hands the list to the presenter in the format named by the
 * `format` query parameter.
 *
 * Any failure is forwarded to next as boom.internal('Error').
 *
 * NOTE(review): Number() yields NaN for a non-numeric matricule, and `lang` and
 * `format` are passed on exactly as received; nothing in this handler
 * validates them, so confirm the service and presenter do.
 * NOTE(review): the caught error is discarded, so the cause of a failure is
 * not available to logging or monitoring from here.
 */
adjacentWilayasNames: async (req, res, next) => {
  const { format } = req.query;
  const { matricule, lang } = req.params;
  const matriculeNumber = Number(matricule);

  try {
    const lookup = await service.getAdjacentWilayasNames(matriculeNumber, lang);
    return presenter.presentArrayResponse(
      res,
      lookup.adjacentWilayasWithNames,
      format,
      'wilayas',
      200,
    );
  } catch (err) {
    return next(boom.internal('Error'));
  }
},
wilayaByPhoneCode: async (req, res, next) => {