mohd7469 / oauth2orize-examples

Some oauth examples and implementation.
MIT License

user.has_token and client.isTrusted #2

Closed raymondsze closed 7 years ago

raymondsze commented 7 years ago

In oauth2.js, I can see user.has_token and client.isTrusted, but I cannot find those methods in the user and client models. Where are these methods specified?

kylefarris commented 7 years ago

I was wondering the same thing. How do we implement these methods?

piotrkochan commented 7 years ago

I think that this part of the code is not firing:

module.exports = function authorization(server, options, validate) {
  if (typeof options == 'function') {
    validate = options;
    options = {};
  }

I've found an interesting comment:

// TODO: Add an optional `immediate` callback, which can consult a
//       pre-approved decision and respond immediately, along with the
//       ability to fall back into "transaction" mode.  Currently, this
//       functionality can be achieved using later route middleware
//       after `next()`ing, but this would optimize away the need to
//       serialize the client into the session.

piotrkochan commented 7 years ago

Eureka

      // WARNING: For security purposes, it is highly advisable to check that
      //          redirectURI provided by the client matches one registered with
      //          the server.  For simplicity, this example does not.  You have
      //          been warned.
      return done(null, client, redirectURI);
    });
  }),
  function (req, res, next) {
    if (req.oauth2.client.trusted) { // add this property to the client
      next()
    } else {
      res.render('dialog', {transactionID: req.oauth2.transactionID, user: req.user, client: req.oauth2.client});
    }
  },
  server.decision(function (req, done) {
    return done(null, {scope: req.scope})
  })
]

gerges-beshay commented 7 years ago

I have updated the code to address this.
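
The redirect URI check that the WARNING comment in the snippet above says the example leaves out, written as an added example that is not part of this thread or of the repository's code. The client registry, `findByClientId`, the `redirectURIs` field and the `check` wrapper are assumptions for illustration, as is signalling rejection with `done(null, false)`.

```javascript
'use strict';

// Constructed client registry (hypothetical records, not the repo's db).
// `trusted` lives only in this server-side record, never in the request.
const clients = [
  { clientId: 'abc123', trusted: false,
    redirectURIs: ['https://app.example.com/oauth/callback'] },
  { clientId: 'first-party', trusted: true,
    redirectURIs: ['https://accounts.example.com/cb', 'http://localhost:3000/cb'] },
];

// Hypothetical lookup standing in for the example's client model.
function findByClientId(clientId, cb) {
  cb(null, clients.find((c) => c.clientId === clientId) || null);
}

// Validate callback with the (clientId, redirectURI, done) shape from the thread.
// Assumption: done(null, false) tells the server to reject the request.
function validateClient(clientId, redirectURI, done) {
  findByClientId(clientId, (err, client) => {
    if (err) return done(err);
    if (!client) return done(null, false);
    const registered = client.redirectURIs;
    // Parameter omitted: acceptable only when exactly one URI is registered.
    if (redirectURI === undefined) {
      return registered.length === 1
        ? done(null, client, registered[0])
        : done(null, false);
    }
    // Exact string match: no prefix, substring or wildcard comparison.
    if (typeof redirectURI !== 'string' || !registered.includes(redirectURI)) {
      return done(null, false);
    }
    return done(null, client, redirectURI);
  });
}

// Synchronous wrapper so the outcome can be inspected (works because the
// constructed lookup above calls back synchronously).
function check(clientId, redirectURI) {
  let result;
  validateClient(clientId, redirectURI, (err, client, uri) => {
    result = { err, client, uri };
  });
  return result;
}

console.log(check('abc123', 'https://app.example.com/oauth/callback').uri);
console.log(check('abc123', 'https://app.example.com/oauth/callback/extra').client);
```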