Client Credentials

sjsnider · Jun 3, 2013 · f6dff34 · f6dff34
1 parent e19a5d0
commit f6dff34
Show file tree

Hide file tree

Showing 4 changed files with 75 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -9,6 +9,7 @@ Simple OAuth2 supports the following flows.
 
 * Authorization Code Flow (for apps with servers that can store persistent information).
 * Password Credentials (when previous flow can't be used or during development).
+* [Client Credentials Flow](http://tools.ietf.org/html/draft-ietf-oauth-v2-31#section-4.4) (the client can request an access token using only its client credentials)
 
 ## Requirements
 
@@ -146,6 +147,22 @@ function saveToken(error, result) {
 });
 ```
 
+### Client Credentials Flow
+
+This flow is suitable when client is requesting access to the protected resources under its control.
+
+```javascript
+// Get the access token object.
+var token;
+OAuth2.Password.getToken(saveToken);
+
+// Save the access token
+function saveToken(error, result) {
+  if (error) { console.log('Access Token Error', error.message); }
+  token = OAuth2.AccessToken.create(result);
+});
+```
+
 ### Access Token object
 
 When a token expires we need to refresh it. Simple OAuth2 offers the

diff --git a/lib/client/client.js b/lib/client/client.js
@@ -0,0 +1,24 @@
+//
+// ### Client credentials flow implementation
+//
+module.exports = function(config) {
+
+  var core   = require('./../core')(config);
+
+	//
+  // ### Returns the Access Token object.
+	//
+  // * `params.scope` - A String that represents the application privileges.
+  // * `callback` - The callback function returning the results.
+	// An error object is passed as first argument and the result as last.
+	//
+  function getToken(params, callback) {
+		params.grant_type = 'client_credentials';
+		core.api('POST', config.tokenPath, params, callback);
+  }
+
+
+  return {
+    'getToken' : getToken
+  }
+};
diff --git a/lib/simple-oauth2.js b/lib/simple-oauth2.js
@@ -22,6 +22,7 @@ module.exports = function(config) {
   return {
     'AuthCode': require('./client/auth-code')(config),
     'Password': require('./client/password')(config),
+    'Client': require('./client/client')(config),
     'AccessToken': require('./client/access-token')(config)
   }
 };

diff --git a/test/client.js b/test/client.js
@@ -0,0 +1,33 @@
+var credentials = { clientID: 'client-id', clientSecret: 'client-secret', site: 'https://example.org', form: false },
+    OAuth2 = require('./../lib/simple-oauth2.js')(credentials),
+		qs = require('querystring'),
+    nock = require('nock');
+
+var request, result, error;
+
+describe('OAuth2.Client',function() {
+
+	describe('#getToken',function() {
+
+		beforeEach(function(done) {
+			var params = { 'grant_type': 'client_credentials', client_id: 'client-id', secret: 'client-secret' };
+			request = nock('https://example.org:443').post('/oauth/token', qs.stringify(params)).replyWithFile(200, __dirname + '/fixtures/access_token.json');
+			done();
+		})
+
+		beforeEach(function(done) {
+			var params = {};
+			OAuth2.Client.getToken(params, function(e, r) {
+				error = e; result = r; done();
+			})
+		})
+
+		it('makes the HTTP request', function() {
+			request.isDone();
+		});
+
+		it('returns an access token',function() {
+			result.should.have.property('access_token');
+		});
+	});
+});