SaveToken doesn't propagate client, user, scope to generateAcessToken if asyc is used

[alfonsodev]

I'm using latest version from master
I found that when using my custom model generateAccessToken doesn't receive the arguments (client, user, scope) when using async generateAcessToken.

I found a solution by binding this context to each function when declaring the array fns.
In lib/grant-type/grant-type-password.js

PasswordGrantType.prototype.saveToken = function(user, client, scope) {
  var fns = [
    this.validateScope(user, client, scope),
    this.generateAccessToken(client, user, scope).bind(this), // <- adding bind here
    this.generateRefreshToken(client, user, scope),
    this.getAccessTokenExpiresAt(),
    this.getRefreshTokenExpiresAt()
  ];

  return Promise.all(fns)
    .bind(this)
    .spread(function(scope, accessToken, refreshToken, accessTokenExpiresAt, refreshTokenExpiresAt) {
      var token = {
        accessToken: accessToken,
        accessTokenExpiresAt: accessTokenExpiresAt,
        refreshToken: refreshToken,
        refreshTokenExpiresAt: refreshTokenExpiresAt,
        scope: scope
      };

      return promisify(this.model.saveToken, 3)(token, client, user);
    });
};

If this solution is acceptable I can prepare a pull request.
I guess the same problem will apply to validateScope and generateRefreshToken,
and other grant-types
Thanks

[maxtruxa]

Could you post your model's generateAccessToken?

Your solution binds this to the return value of AbstractGrantType#generateAccessToken which might or might not be a promise. In case it's not, calling .bind(this) would crash.

[alfonsodev]

Thanks for quick answer,
you can reproduce the issue in master with this model implementation.

async generateAcessToken(user, client, scope) {
   debugger      // <- here arguments.length is 0, but test-token is returned correctly in the response
   return 'test-token'
}

Without async , it will work as expected.

generateAcessToken(user, client, scope) {
   debugger      // <-  arguments.length is 3
   return 'test-token'
}

[alfonsodev]

Don't get me grown, in my real JWT implementation I don't use async

  generateAccessToken(client, user, scope) {
    let secret = this._accessSecret
    let expiry = this._accessExpirySeconds
    let exp = new Date()
    exp.setSeconds(expiry)
    if (user.id) {
      let payload = { iss: JWT_ISSUER, userId: user.id, exp: exp.getTime() }
      return JWT.sign(payload, secret)
    }
    throw new Error('No user id')  
  }

It works fine as expected, it just happen that I accidentally found the bug
and I though that all model function should work with Promises too.

[maxtruxa]

I don't know how exactly Babel is transpiling async constructs. Maybe promisify-any is misinterpreting the generated code. I'll check on that later this weekend.