Merge pull request #6554 from RocketChat/fix-oauth

[New] Added oauth2 userinfo endpoint
RocketChat · Apr 3, 2017 · 4e1c7a0 · 4e1c7a0
2 parents 3917df5 + 12c2bad
commit 4e1c7a0
Showing 1 changed file with 27 additions and 0 deletions.
diff --git a/packages/rocketchat-oauth2-server-config/oauth/server/oauth2-server.coffee b/packages/rocketchat-oauth2-server-config/oauth/server/oauth2-server.coffee
@@ -8,6 +8,33 @@ oauth2server = new OAuth2Server
 
 WebApp.connectHandlers.use oauth2server.app
 
+oauth2server.routes.get '/oauth/userinfo', (req, res, next) ->
+	if not req.headers.authorization?
+		return res.sendStatus(401).send('No token')
+
+	accessToken = req.headers.authorization.replace('Bearer ', '')
+
+	token = oauth2server.oauth.model.AccessTokens.findOne accessToken: accessToken
+
+	if not token?
+		return res.sendStatus(401).send('Invalid Token')
+
+	user = RocketChat.models.Users.findOneById(token.userId);
+
+	if not user?
+		return res.sendStatus(401).send('Invalid Token')
+
+	res.send
+		sub: user._id
+		name: user.name
+		email: user.emails[0].address
+		email_verified: user.emails[0].verified
+		department: ""
+		birthdate: ""
+		preffered_username: user.username
+		updated_at: user._updatedAt
+		picture: "#{Meteor.absoluteUrl()}avatar/#{user.username}"
+
 
 Meteor.publish 'oauthClient', (clientId) ->
 	unless @userId