Press n or j to go to the next uncovered block, b, p or k for the previous block.
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 | 1x 1x 1x 1x 19x 19x 18x 17x 1x 1x 1x 1x 1x 1x 1x 17x 17x 17x | /*
* GPII Untrusted Settings Get Handler
*
* Copyright 2017 OCAD University
*
* Licensed under the New BSD license. You may not use this file except in
* compliance with this License.
*
* You may obtain a copy of the License at
* https://github.com/GPII/universal/blob/master/LICENSE.txt
*/
"use strict";
var fluid = require("infusion"),
gpii = fluid.registerNamespace("gpii");
// Get settings in the ontology of preferences from the online flowmanager.
// These settings are untransformed lifecycle instructions.
// See [an example of the return payload of this endpoint](https://github.com/GPII/gpii-payloads/blob/master/CloudBasedFlowManagerUntrustedSettings.md#user-content-return-payload).
fluid.defaults("gpii.flowManager.cloudBased.untrustedSettings.get.handler", {
gradeNames: ["kettle.request.http", "gpii.flowManager.matchMakingRequest"],
invokers: {
handleRequest: {
funcName: "gpii.flowManager.cloudBased.untrustedSettings.get.handleRequest",
args: [
"{request}",
"{request}.req.params.userToken",
"{request}.req.params.device",
"{gpii.flowManager.cloudBased.oauth2}.authGrantFinder"
]
},
matchToUntrustedSettings: {
funcName: "gpii.flowManager.cloudBased.matchToUntrustedSettings",
args: ["{arguments}.0", "{request}.events.onSuccess"]
}
},
listeners: {
onMatchDone: "{that}.matchToUntrustedSettings"
}
});
gpii.flowManager.cloudBased.untrustedSettings.get.handleRequest = function (request, userToken, deviceString, authGrantFinder) {
// Verify the access token
var authorizationPromise = gpii.oauth2.getAuthorization(request.req, authGrantFinder);
authorizationPromise.then(function (authorization) {
if (authorization && authorization.gpiiToken === userToken && authorization.allowUntrustedSettingsGet) {
gpii.flowManager.cloudBased.settings.handleRequest(request.events.onError, userToken, request, deviceString);
} else {
fluid.log("CloudBased flowManager: unauthorized GET request at /untrusted-settings due to one of these reasons: 1. authorization record is missing; 2. gpiiToken associated with the authorization does not match the in-used token " + userToken + "; 3. the access token is unauthorized for using GET method at /untrusted-settings endpoint.");
request.events.onError.fire(gpii.oauth2.errors.unauthorized);
return;
}
}, function (error) {
fluid.log("CloudBased flowManager: GET request at /untrusted-settings for the token (" + userToken + ") failed with error: ", error);
request.events.onError.fire(gpii.oauth2.errors.unauthorized);
return;
});
};
gpii.flowManager.cloudBased.matchToUntrustedSettings = function (finalPayload, event) {
var settings = fluid.filterKeys(finalPayload, [
"userToken", "activeContextName", "preferences",
"activeConfiguration", "solutionsRegistryEntries", "matchMakerOutput"
]);
fluid.log("cloudBased flowManager: /untrusted-settings endpoint sending settings ", settings);
event.fire(settings);
};
|