How to use oauth - 10 common examples
To help you get started, we’ve selected a few oauth examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
QuePort / passport-sharepoint / lib / passport-sharepoint / strategy.js View on Github 
var authorizationURL = spSiteUrl + SP_AUTH_PREFIX;
var appRedirectURL = spSiteUrl + SP_REDIRECT_PREFIX;
// check if there is a app token present
if (spAppToken && spSiteUrl) {
var token = eval(jwt.decode(spAppToken, '', true));
var splitApptxSender = token.appctxsender.split("@");
var sharepointServer = url.parse(spSiteUrl)
var resource = splitApptxSender[0]+"/"+sharepointServer.host+"@"+splitApptxSender[1];
var spappId = this._appId+"@"+splitApptxSender[1];
var appctx = JSON.parse(token.appctx);
var tokenServiceUri = url.parse(appctx.SecurityTokenServiceUri);
var tokenURL = tokenServiceUri.protocol+'//'+tokenServiceUri.host+'/'+splitApptxSender[1]+tokenServiceUri.path;
this._oauth2 = new OAuth2(spappId, this._appSecret, '', authorizationURL, tokenURL);
this._oauth2.getOAuthAccessToken(
token.refreshtoken,
{grant_type: 'refresh_token', refresh_token: token.refreshtoken, resource: resource},
function (err, accessToken, refreshToken, params) {
if (err) { return self.error(new InternalOAuthError('failed to obtain access token', err)); }
if (!refreshToken)
refreshToken = spAppToken;
self._loadUserProfile(accessToken, spSiteUrl, function(err, profile) {
if (err) { return self.error(err); };
function verified(err, user, info) {
if (err) { return self.error(err); }
if (!user) { return self.fail(info); }
self.success(user, info);
}exports.getMentions = function(req, res, callback){
callback = callback || analyzeTweets;
oauth.get(
'https://api.twitter.com/1.1/statuses/mentions_timeline.json?count=800',
process.env.ACCESS_TOKEN_KEY,
process.env.ACCESS_TOKEN_SECRET,
function (e, data, res){
if (e) return console.error(e);
callback(data);
// res.send(200,'tweets obtained!')
});
}exports.setConfig = function(cfg){
config = cfg;
oauth = new OAuth.OAuth(
REQUEST_URL,
ACCESS_URL,
config.xeroConsumerKey,
config.xeroConsumerSecret,
'1.0A',
null,
'HMAC-SHA1',
null,
customHeaders
);
// This is important - Xero will redirect to this URL after successful authentication
// and provide the request token as query parameters
oauth._authorize_callback = config.xeroCallbackUrl;
};return new Promise((resolve, reject) => {
let oa = new oauth(this.options.oauth_request_url, this.options.oauth_access_url, this.options.key, this.options.secret, this.options.oauth_version, this.options.callback, this.options.oauth_encryption);
oa.getOAuthRequestToken((error, oauthToken, oauthTokenSecret, results) => {
if (error) {
return reject(`Error getting OAuth request token : ${JSON.stringify(error)}`, 500);
} else {
// assemble goodreads URL
let url = `https://goodreads.com/oauth/authorize?oauth_token=${oauthToken}&oauth_callback=${oa._authorize_callback}`;
return resolve({oauthToken, oauthTokenSecret, url});
}
})
})
}apiBase.prototype.authRequest = function apiBaseAuthRequest(callback)
{
// cheatsheet: requestUrl, accessUrl, consumerKey, consumerSecret, version, authorize_callback, signatureMethod
this.OA = new oauth
(
this.OAuth.request,
this.OAuth.access,
this.OAuth.key,
this.OAuth.secret,
this.OAuth.version || Defaults.version,
'http://'+this.Data.callbackHost+this.OAuth.callback,
this.OAuth.signature || Defaults.signature
);
// change header separator to make 500px work with it.
this.OA._oauthParameterSeperator = ', ';
// request token
this.OA.getOAuthRequestToken(callback);
}this.provider.applicationByConsumerKey(requestParameters['oauth_consumer_key'], function(err, user) {
if(err) {
callback(new errors.OAuthProviderError('Invalid Consumer Key'), null);
} else {
if(user.consumer_key == null || user.secret == null) { callback(new errors.OAuthProviderError("provider: applicationByConsumerKey must return a object with fields [consumer_key, secret]")); return;}
// Ensure we don't have any hanging consumer keys
self.provider.cleanRequestTokens(requestParameters['oauth_consumer_key'], function(err, result) {
// If we have a user for this consumer key let's calculate the signature
var calculatedSignature = self.calculateSignature(method, protocol, url, path, requestParameters, user.token, user.secret);
// Check if the signature is correct and return a request token
if(calculatedSignature == requestParameters.oauth_signature || self.calculateSignatureGoogleWay(method, protocol, url, path, requestParameters, user.token, user.secret) == requestParameters.oauth_signature) {
self.provider.generateRequestToken(requestParameters.oauth_consumer_key, requestParameters.oauth_callback, function(err, result) {
if(err) {
callback(new errors.OAuthProviderError("internal error"), null);
} else {
if(result.token == null || result.token_secret == null) { callback(new errors.OAuthProviderError("provider: generateRequestToken must return a object with fields [token, token_secret]"), null); return;}
result['oauth_callback_confirmed'] = true;
callback(null, result);
}this.provider.fetchAuthorizationInformation(username, token, function(err, application, user) {
if(application.title == null || application.description == null || user.token == null || user.username == null) { callback(new errors.OAuthProviderError("provider: applicationByConsumerKey must return a application object with fields [title, description] and a user object with fields [username, token]"), null); return;}
// Return the value to calling plugin
callback(err, application, user);
});
}this.provider.applicationByConsumerKey(requestParameters['oauth_consumer_key'], function(err, user) {
if(err) {
callback(new errors.OAuthProviderError('Invalid Consumer Key'), null);
} else {
if(user.consumer_key == null || user.secret == null) { callback(new errors.OAuthProviderError("provider: applicationByConsumerKey must return a object with fields [consumer_key, secret]")); return;}
// Ensure we don't have any hanging consumer keys
self.provider.cleanRequestTokens(requestParameters['oauth_consumer_key'], function(err, result) {
// If we have a user for this consumer key let's calculate the signature
var calculatedSignature = self.calculateSignature(method, protocol, url, path, requestParameters, user.token, user.secret);
// Check if the signature is correct and return a request token
if(calculatedSignature == requestParameters.oauth_signature || self.calculateSignatureGoogleWay(method, protocol, url, path, requestParameters, user.token, user.secret) == requestParameters.oauth_signature) {
self.provider.generateRequestToken(requestParameters.oauth_consumer_key, requestParameters.oauth_callback, function(err, result) {
if(err) {
callback(new errors.OAuthProviderError("internal error"), null);
} else {
if(result.token == null || result.token_secret == null) { callback(new errors.OAuthProviderError("provider: generateRequestToken must return a object with fields [token, token_secret]"), null); return;}
result['oauth_callback_confirmed'] = true;
callback(null, result);
}
});
} else {self.provider.validToken(requestParameters.oauth_token, function(err, token) {
if(err) {
callback(new errors.OAuthProviderError('Invalid / expired Token'), null);
} else {
if(token.access_token == null || token.token_secret == null) { callback(new errors.OAuthProviderError("provider: validToken must return a object with fields [access_token, token_secret]"), null); return;}
self.provider.validateNotReplay(requestParameters.oauth_token, requestParameters.oauth_timestamp, requestParameters.oauth_nonce, function(err, result) {
if(err) {
callback(new errors.OAuthUnauthorizedError('Invalid / used nonce'), null);
} else {
self.provider.applicationByConsumerKey(token.consumer_key, function(err, user) {
if(user.consumer_key == null || user.secret == null) { callback(new errors.OAuthProviderError("provider: applicationByConsumerKey must return a object with fields [token, secret]"), null); return;}
// If we have a user for this consumer key let's calculate the signature
var calculatedSignature = self.calculateSignature(method, protocol, url, path, requestParameters, token.token_secret, user.secret);
// Check if the signature is correct and return a access token
if(calculatedSignature == requestParameters.oauth_signature || self.calculateSignatureGoogleWay(method, protocol, url, path, requestParameters, token.token_secret, user.secret) == requestParameters.oauth_signature) {
// Fetch the user id to pass back
self.provider.userIdByToken(requestParameters.oauth_token, function(err, doc) {
if(doc.id == null) { callback(new errors.OAuthProviderError("provider: userIdByToken must return a object with fields [id]"), null); return;}
// Return the user id to the calling functionself.provider.applicationByConsumerKey(token.consumer_key, function(err, user) {
if(user.consumer_key == null || user.secret == null) { callback(new errors.OAuthProviderError("provider: applicationByConsumerKey must return a object with fields [token, secret]"), null); return;}
// If we have a user for this consumer key let's calculate the signature
var calculatedSignature = self.calculateSignature(method, protocol, url, path, requestParameters, token.token_secret, user.secret);
// Check if the signature is correct and return a access token
if(calculatedSignature == requestParameters.oauth_signature || self.calculateSignatureGoogleWay(method, protocol, url, path, requestParameters, token.token_secret, user.secret) == requestParameters.oauth_signature) {
// Fetch the user id to pass back
self.provider.userIdByToken(requestParameters.oauth_token, function(err, doc) {
if(doc.id == null) { callback(new errors.OAuthProviderError("provider: userIdByToken must return a object with fields [id]"), null); return;}
// Return the user id to the calling function
callback(null, doc);
});
} else {
callback(new errors.OAuthBadRequestError("Invalid signature"), null);
}
});
}oauth
Library for interacting with OAuth 1.0, 1.0A, 2 and Echo. Provides simplified client access and allows for construction of more complex apis and OAuth providers.
Package Health Score
68 / 100Popular oauth functions
- oauth.authorize
- oauth.get
- oauth.ignore_registration_policy
- oauth.initialize
- oauth.js.OAuth
- oauth.OAuth
- oauth.oauth
- oauth.OAuth2
- oauth.OAuth2.call
- oauth.OAuth2.prototype
- oauth.popup
- oauth.post
- oauth.redirect
- oauth.revoke
- oauth.user
- oauth/crypto/sha1.SHA1
- oauth/lib/oauth2.OAuth2
- oauth/oauth_error.OAuthBadRequestError
- oauth/oauth_error.OAuthProviderError
- oauth/oauth_error.OAuthUnauthorizedError