more on oauth

server/api/controller/oauth.js

@@ -21,7 +21,7 @@ const oauthController = {
   async createClient (req, res) {
     debug('Create client ', req.body.client_name)
     // only write scope is supported
-    if (req.body.scopes && req.body.scopes !== 'write') {
+    if (req.body.scopes && req.body.scopes !== 'event:write') {
       return res.status(422).json({ error: 'Invalid scopes' })
     }
 
@@ -29,7 +29,7 @@ const oauthController = {
       id: await randomString(256),
       name: req.body.client_name,
       redirectUris: req.body.redirect_uris,
-      scopes: req.body.scopes || 'write',
+      scopes: req.body.scopes || 'event:write',
       website: req.body.website,
       client_secret: await randomString(256)
     }
@@ -45,6 +45,20 @@ const oauthController = {
     }
   },
 
+  async getClient (req, res) {
+    const client = await OAuthClient.findByPk(req.params.client_id, { raw: true })
+    if (!client) {
+      return res.status(404).send('Not found!')
+    }
+    res.json({
+      client_id: client.id,
+      redirect_uris: client.redirectUris,
+      name: client.name,
+      website: client.website,
+      scopes: client.scopes
+    })
+  },
+
   async getClients (req, res) {
     const tokens = await OAuthToken.findAll({
       include: [{ model: User, where: { id: req.user.id } }, { model: OAuthClient, as: 'client' }],

server/api/index.js

@@ -95,6 +95,7 @@ api.delete('/resources/:resource_id', isAdmin, resourceController.remove)
 api.get('/resources', isAdmin, resourceController.getAll)
 
 api.get('/clients', isAuth, oauthController.getClients)
+api.get('/client/:client_id', isAuth, oauthController.getClient)
 api.post('/client', oauthController.createClient)
 
 // api.get('/verify', oauth.oauthServer.authenticate(), (req, res) => {