Merge pull request #66 from caputomarcos/65-small-improvements

small improvements #65
caputomarcos · Apr 7, 2023 · d8bbe26 · d8bbe26
2 parents 49a927d + f29a23b
commit d8bbe26
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 18 deletions.
diff --git a/README.md b/README.md
@@ -76,6 +76,11 @@ This sample used the [go-oauth2-server](https://github.com/RichardKnop/go-oauth2
 | embedded credentials           | boolean        | This specifies whether to include the client credentials in the token request body for authentication purposes.       |
 | reject Unauthorized            | boolean        | This specifies whether to reject unauthorized requests. The rejectUnauthorized parameter controls SSL/TLS certificate validation for the server, with true enforcing validation and false disabling it. |
 
+**`Note:`** 
+
+> * If running behind a proxy, the standard `http_proxy=...` environment variable should be set and `Node-RED restarted, or use Proxy Configuration`. If Proxy Configuration was set, the configuration take precedence over environment variable.
+
+> * The OAuth redirect URL is set by default to `/oauth2/redirect`, which is the endpoint responsible for receiving the authorization `code`.
 
 # Outputs
 

diff --git a/locales/en-US/oauth2.html b/locales/en-US/oauth2.html
@@ -47,13 +47,19 @@
 
 : use proxy (boolean)                                 :  This specifies whether to use a proxy or not.
 * use proxy: `true` 
-: use proxy(Proxy Configuration) (object)             :  This specifies the configuration for the proxy.
+: Proxy Configuration (object)                        :  This specifies the configuration for the proxy.
 
 : only send non-2xx responses to catch node (boolean) :  This specifies whether to only catch non-2xx responses.
 : embedded credentials (boolean)                      :  This specifies whether to include the client credentials in the token request body for authentication purposes.
 : reject Unauthorized (boolean)                       :  This specifies whether to reject unauthorized requests. The rejectUnauthorized parameter controls SSL/TLS certificate validation for the server, with true enforcing validation and false disabling it.
 
 
+**`Note:`** 
+
+> * If running behind a proxy, the standard `http_proxy=...` environment variable should be set and `Node-RED restarted, or use Proxy Configuration`. If Proxy Configuration was set, the configuration take precedence over environment variable.
+
+> * The OAuth redirect URL is set by default to `/oauth2/redirect`, which is the endpoint responsible for receiving the authorization `code`.
+
 ### Outputs
 
 : access_token (string)     : This is the access token obtained from the OAuth2 server.

diff --git a/oauth2.js b/oauth2.js
@@ -179,8 +179,10 @@ module.exports = function (RED) {
             }
 
             const credentials = RED.nodes.getCredentials(node.id);
-            options.form.code = credentials.code;
-            options.form.redirect_uri = credentials.redirectUri;
+            if (credentials) {
+              options.form.code = credentials.code;
+              options.form.redirect_uri = credentials.redirectUri;
+            }
           }
         }
 
@@ -311,10 +313,14 @@ module.exports = function (RED) {
    */
   RED.httpAdmin.get("/oauth2/credentials/:token", function (req, res) {
     const credentials = RED.nodes.getCredentials(req.params.token);
-    res.json({
-      code: credentials.code,
-      redirect_uri: credentials.redirect_uri,
-    });
+    if (credentials) {
+      res.json({
+        code: credentials.code,
+        redirect_uri: credentials.redirect_uri,
+      });
+    } else {
+      res.send("oauth2.error.no-credentials");
+    }
   });
 
   /**
@@ -327,10 +333,10 @@ module.exports = function (RED) {
       const state = req.query.state.split(":");
       const node_id = state[0];
       const credentials = RED.nodes.getCredentials(node_id);
-      credentials.code = req.query.code;
-      RED.nodes.addCredentials(node_id, credentials);
-
-      const html = `<HTML>
+      if (credentials) {
+        credentials.code = req.query.code;
+        RED.nodes.addCredentials(node_id, credentials);
+        const html = `<HTML>
       <HEAD>
           <script language=\"javascript\" type=\"text/javascript\">
             function closeWindow() {
@@ -346,7 +352,10 @@ module.exports = function (RED) {
               <p>Success! This page can be closed if it doesn't do so automatically.</p>
       </BODY>
       </HTML>`;
-      res.send(html);
+        res.send(html);
+      }
+    } else {
+      res.send("oauth2.error.no-credentials");
     }
   });
 
@@ -402,7 +411,7 @@ module.exports = function (RED) {
 
     res.cookie("csrf", csrfToken);
 
-    var l = url.parse(req.query.authorizationEndpoint, true);
+    const l = url.parse(req.query.authorizationEndpoint, true);
     const redirectUrl = url.format({
       protocol: l.protocol.replace(":", ""),
       hostname: l.hostname,
@@ -422,10 +431,9 @@ module.exports = function (RED) {
         proxy: proxyOptions,
       });
       res.redirect(response.request.res.responseUrl);
-
       RED.nodes.addCredentials(node_id, credentials);
     } catch (error) {
-      res.sendStatus(500);
+      res.sendStatus(404);
     }
   });
 
@@ -441,9 +449,9 @@ module.exports = function (RED) {
         description: req.query.error_description,
       });
     }
-    var state = req.query.state.split(":");
-    var node_id = state[0];
-    var credentials = RED.nodes.getCredentials(node_id);
+    const state = req.query.state.split(":");
+    const node_id = state[0];
+    const credentials = RED.nodes.getCredentials(node_id);
     if (!credentials || !credentials.clientId || !credentials.clientSecret) {
       return res.send("oauth2.error.no-credentials");
     }