From f8eda1a5945e9371c94d98fd0d0dd2417b374432 Mon Sep 17 00:00:00 2001
From: Sean McArthur <sean.monstar@gmail.com>
Date: Fri, 16 May 2014 14:47:22 -0700
Subject: [PATCH] add a /v1/uid endpoint

fixes #20
---
 lib/routes/uid.js | 17 +++++++++++++++++
 lib/routing.js    |  5 +++++
 test/api.js       | 41 +++++++++++++++++++++++++++++++++++++++--
 3 files changed, 61 insertions(+), 2 deletions(-)
 create mode 100644 lib/routes/uid.js

diff --git a/lib/routes/uid.js b/lib/routes/uid.js
new file mode 100644
index 0000000..4f1ad25
--- /dev/null
+++ b/lib/routes/uid.js
@@ -0,0 +1,17 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+module.exports = {
+  auth: {
+    strategy: 'oauth',
+    scope: ['profile', 'profile:uid']
+  },
+  handler: function email(req, reply) {
+    reply({
+      uid: req.auth.credentials.user
+    });
+  }
+};
+
+
diff --git a/lib/routing.js b/lib/routing.js
index 95d57dc..a4852ab 100644
--- a/lib/routing.js
+++ b/lib/routing.js
@@ -18,5 +18,10 @@ module.exports = [
     method: 'POST',
     path: v('/email'),
     config: require('./routes/email')
+  },
+  {
+    method: 'POST',
+    path: v('/uid'),
+    config: require('./routes/uid')
   }
 ];
diff --git a/test/api.js b/test/api.js
index 3bbe935..601a170 100644
--- a/test/api.js
+++ b/test/api.js
@@ -106,10 +106,10 @@ describe('/email', function() {
     });
   });
 
-  it('should NOT return a profile if wrong scope', function() {
+  it('should NOT return email if wrong scope', function() {
     mockToken().reply(200, JSON.stringify({
       user: USERID,
-      scope: ['foo', 'bar']
+      scope: ['profile:uid']
     }));
     return Server.api.post({
       url: '/email',
@@ -122,3 +122,40 @@ describe('/email', function() {
   });
 });
 
+describe('/uid', function() {
+  var uid = token();
+  before(function() {
+    return db.createProfile({
+      uid: uid,
+      avatar: avatarUrl
+    });
+  });
+
+  it('should return an uid', function() {
+    mockToken().reply(200, TOKEN_GOOD);
+    return Server.api.post({
+      url: '/uid',
+      headers: {
+        authorization: 'Bearer ' + uid
+      }
+    }).then(function(res) {
+      assert.equal(res.statusCode, 200);
+      assert.equal(JSON.parse(res.payload).uid, USERID);
+    });
+  });
+
+  it('should NOT return a profile if wrong scope', function() {
+    mockToken().reply(200, JSON.stringify({
+      user: USERID,
+      scope: ['profile:email']
+    }));
+    return Server.api.post({
+      url: '/uid',
+      headers: {
+        authorization: 'Bearer ' + uid
+      }
+    }).then(function(res) {
+      assert.equal(res.statusCode, 403);
+    });
+  });
+});