jaredhanson / passport-instagram Goto Github PK

Instagram authentication strategy for Passport and Node.js.

Home Page: https://www.passportjs.org/packages/passport-instagram/?utm_source=github&utm_medium=referral&utm_campaign=passport-instagram&utm_content=about

License: MIT License

JavaScript 98.23% Makefile 1.77%

passport-instagram's Introduction

Passport-Instagram

Passport strategy for authenticating with Instagram using the OAuth 2.0 API.

This module lets you authenticate using Instagram in your Node.js applications. By plugging into Passport, Instagram authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.

🧠 Understanding OAuth 2.0 • :heart: Sponsors

...

Install

$ npm install passport-instagram

Usage

Configure Strategy

The Instagram authentication strategy authenticates users using a Instagram account and OAuth 2.0 tokens. The strategy requires a verify callback, which accepts these credentials and calls done providing a user, as well as options specifying a client ID, client secret, and callback URL.

passport.use(new InstagramStrategy({
    clientID: INSTAGRAM_CLIENT_ID,
    clientSecret: INSTAGRAM_CLIENT_SECRET,
    callbackURL: "http://127.0.0.1:3000/auth/instagram/callback"
  },
  function(accessToken, refreshToken, profile, done) {
    User.findOrCreate({ instagramId: profile.id }, function (err, user) {
      return done(err, user);
    });
  }
));

Authenticate Requests

Use passport.authenticate(), specifying the 'instagram' strategy, to authenticate requests.

For example, as route middleware in an Express application:

app.get('/auth/instagram',
  passport.authenticate('instagram'));

app.get('/auth/instagram/callback', 
  passport.authenticate('instagram', { failureRedirect: '/login' }),
  function(req, res) {
    // Successful authentication, redirect home.
    res.redirect('/');
  });

Examples

For a complete, working example, refer to the login example.

Tests

$ npm install --dev
$ make test

Credits

Jared Hanson

License

The MIT License

passport-instagram's People

Contributors

Stargazers

Watchers

passport-instagram's Issues

calling passport-instagram from REACTJS

Hi there,
thanks for creating awesome library! I got this working on my Nodejs app. however, I do not have frond end in my nodejs so I would like to call it from my REACTJS app. when I call /auth/instagram since it is returning to the app via a callback from ingragram, I do not get the response in ReactJS app (no instagram login page is shown). any help really would be appreciated.

Scope

How would I go about changing the auth scope to include likes, comments, and relationships?

Thanks for any help!

Matching code was not found or was already used

I started getting this error in my logs yesterday out of nowhere (app hasn't been suspended or anything and code hasn't changed):

error: { InternalOAuthError: Failed to obtain access token
    at Strategy.OAuth2Strategy._createOAuthError (/app/node_modules/passport-oauth2/lib/strategy.js:370:17)
    at /app/node_modules/passport-oauth2/lib/strategy.js:166:45
    at /app/node_modules/oauth/lib/oauth2.js:177:18
    at passBackControl (/app/node_modules/oauth/lib/oauth2.js:123:9)
    at IncomingMessage.<anonymous> (/app/node_modules/oauth/lib/oauth2.js:143:7)
    at emitNone (events.js:91:20)
    at IncomingMessage.emit (events.js:185:7)
    at endReadableNT (_stream_readable.js:974:12)
    at _combinedTickCallback (internal/process/next_tick.js:74:11)
    at process._tickCallback (internal/process/next_tick.js:98:9)
  name: 'InternalOAuthError',
  message: 'Failed to obtain access token',
  oauthError:
   { statusCode: 400,
     data: '{"code": 400, "error_type": "OAuthException", "error_message": "Matching code was not found or was already used."}' } }
172.20.0.131 - - [19/Dec/2016:07:32:38 +0000] "GET /v1/auth/connect/instagram/callback?code=fb86fa830c7b4c2eaac03d88bd03ed5e HTTP/1.1" 500 39 "https://blockai.com/account/social" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36" user_id=20 user_username=olalonde

Was wondering if anyone else had a similar issue and fixed it.

fails at authorization - is this package still supported?

I'm using passport-instagram to connect ot Instagram's Basic Display API. The example here looks out-of-date since it is missing the required scope parameter in the call to passport.authenticate. However, with that added I do get an authorization code returned from Instagram. At that point passport fails with "InternalOAuthError: failed to fetch user profile". According to the Instagram docs, passport should use the authoriztion code to exchange for a short-lived token. I'm wondering if this is not occurring because this package is no longer being updated?

Is this project still alive?

@jaredhanson

Hi,

Sorry to bother you, but are you still maintaining this project? It's was pretty useful but now is not working, and you are forcing a lot of people to fork it.

Again, sorry, but I wanted to check before forking it :P.

Specific callbackUrl per request to authenticate throws error...

Hi guys,

I am Integrating a Instagram authentication to my app. and i have having two different triggering points to authenticate and both have different callbackUrl.

The code driving my implementation is:

passport.use(new InstagramStrategy({
  clientID: config.instagram_api_clientId,
  clientSecret: config.instagram_api_clientSecret,
// callbackURL: `http://${config.host}:${config.port}/auth/instagram/login/callback`,
}, (accessToken, refreshToken, profile, done) => {
  // user handling code
  done(null, profile)
}))

router.get('/instagram/signup',
passport.authenticate('instagram', {
    callbackURL: `http://${config.host}:${config.port}/auth/instagram/signup/callback`,
  }),
);

router.get('/instagram/login',
passport.authenticate('instagram', {
    callbackURL: `http://${config.host}:${config.port}/auth/instagram/login/callback`,
  }),
);

router.get('/instagram/:action/callback', passport.authenticate(
  'instagram',
  {
    session: false,
    failureRedirect: '/auth/instagram/login/callback',
    callbackURL: `http://${config.host}:${config.port}/auth/instagram/login/callback`,
  },
), (req, res) => {
  // Successful authentication, redirect home.
  res.redirect(config.client_instagram_redirect_url);
});

So As you can see i am calling instagram auth from two endpoints and i am passing the respective callbackUrls but doing this gives me following error.

{"error_type": "OAuthException", "code": 400, "error_message": "Redirect URI doesn't match original redirect URI"}

Error
    at Strategy.OAuth2Strategy._createOAuthError (/home/anil/Official/repos/thinksys/influra_backend/node_modules/passport-oauth2/lib/strategy.js:379:17)
    at /home/anil/Official/repos/thinksys/influra_backend/node_modules/passport-oauth2/lib/strategy.js:166:45
    at /home/anil/Official/repos/thinksys/influra_backend/node_modules/oauth/lib/oauth2.js:191:18
    at passBackControl (/home/anil/Official/repos/thinksys/influra_backend/node_modules/oauth/lib/oauth2.js:132:9)
    at IncomingMessage.<anonymous> (/home/anil/Official/repos/thinksys/influra_backend/node_modules/oauth/lib/oauth2.js:157:7)
    at emitNone (events.js:110:20)
    at IncomingMessage.emit (events.js:207:7)
    at endReadableNT (_stream_readable.js:1059:12)
    at _combinedTickCallback (internal/process/next_tick.js:138:11)
    at process._tickCallback (internal/process/next_tick.js:180:9)

This works fine if i register the callbackUrl on Stragegy Level by uncommending the callbackUrl and remove the callbackUrl from authenticate call.
I have all of my callback urls registered in instagram account and these works if i provide at strategy level.
This behaviour works fine with passport-facebook.

essentially what i want to achieve is to know from which action user came i.e. login or signup .
and it is critical for me to get it

Failed to fetch user profile

this._oauth2.get('https://api.instagram.com/v1/users/self', accessToken, function (err, body, res) {
if (err) { return done(new InternalOAuthError('failed to fetch user profile', err));

Getting this error from last 2 days, is it instagram end issue?

Passport strategy not working.

The following error is being logged on callback. It looks like this is causing several apps to break.

failed to fetch user profile (status: 400 data: {"meta":{"error_type":"OAuthParameterException","code":400,"error_message":"Missing client_id or access_token URL parameter."}})

Could very well be on Instagram's end.

Instagram has discontinued this service.

Hi @jaredhanson, I believe instagram has discontinued this service. They have moved over the Instagram Basic Display API, which does not support authentication. Thanks for your awesome work, regardless.

NOTIFICATION FROM INSTAGRAM:

UPDATE: Starting October 15, 2019, new client registration and permission review on Instagram API platform are discontinued in favor of the Instagram Basic Display API.

ON THE INSTAGRAM BASIC DISPLAY DOCUMENTATION:

Instagram Basic Display is not an authentication solution. Data returned by the API cannot be used to authenticate your app users or log them into your app. If you need an authentication solution we recommend using Facebook Login instead

OAuthError on callback

Hi, I'm getting the following error when landing back on my /auth/ig/callback:

Error
    at Strategy.OAuth2Strategy._createOAuthError (/Users/jack/code/fiiture/node_modules/passport-oauth2/lib/strategy.js:379:17)
    at /Users/jack/code/fiiture/node_modules/passport-oauth2/lib/strategy.js:166:45
    at /Users/jack/code/fiiture/node_modules/oauth/lib/oauth2.js:191:18
    at passBackControl (/Users/jack/code/fiiture/node_modules/oauth/lib/oauth2.js:132:9)
    at IncomingMessage.<anonymous> (/Users/jack/code/fiiture/node_modules/oauth/lib/oauth2.js:157:7)
    at emitNone (events.js:91:20)
    at IncomingMessage.emit (events.js:185:7)
    at endReadableNT (_stream_readable.js:974:12)
    at _combinedTickCallback (internal/process/next_tick.js:74:11)
    at process._tickDomainCallback (internal/process/next_tick.js:122:9)

The code driving my implementation is:

passport.use(new InstagramStrategy({
  clientID: cfg.instagram_api_clientId,
  clientSecret: cfg.instagram_api_clientSecret,
  callbackURL: cfg.instagram_api_authCallback
}, (accessToken, refreshToken, profile, done) => {
  // I don't get here
  console.log(profile)
  console.log(refreshToken)
  console.log(accessToken)
  done(null, profile)
}))
app.get('/auth/ig', passport.authenticate('instagram'))
app.get('/auth/ig/callback', (req, res, next) => {
  // I get here
  log(`Callback`)
  next()
}, passport.authenticate('instagram', { failureRedirect: '/auth/ig' }), (req, res) => {
  res.redirect('/')
})

"Callback" is logged but then the failure happens. None of profile, refreshToken or accessToken are logged.

In browser, I land as I would expect on /auth/ig/callback?code=accesscodenfjnejeneakjv.

This error's really impenetrable - any guesses as to what's going wrong here?

Unnecessary second network request

As Jared already said in

passport-instagram/lib/strategy.js

Lines 73 to 77 in d78c551

 // TODO: Instagram provides user profile information in the access token 

 // response. As an optimization, that information should be used, which 

 // would avoid the need for an extra request during this step. However, 

 // the internal node-oauth module will have to be modified to support 

 // exposing this information.

we don't need to make a second call to the Instagram API here if we just need basic information.

But we don't have to rewrite the oauth2 module, because it already gives us the data we need. So if you only need the basic information, you can avoid a second network request with the following trick:

pass skipUserProfile: true to the options and add one parameter to the callback function, as shown in the following example:

Before:

passport.use(
  new InstagramStrategy(
    {
      clientID: config.instagram.clientID,
      clientSecret: config.instagram.clientSecret,
      callbackURL: `https://${siteurl}/auth/instagram/callback`,
      passReqToCallback: true,
    },
    (req, accessToken, refreshToken, profile, done) => {
      return doRegisterOrLogin(req, profile, done)
    }
  )
)

After:

passport.use(
  new InstagramStrategy(
    {
      clientID: config.instagram.clientID,
      clientSecret: config.instagram.clientSecret,
      callbackURL: `https://${siteurl}/auth/instagram/callback`,
      passReqToCallback: true,
      skipUserProfile: true,
    },
    (req, accessToken, refreshToken, params, _profile, done) => {
      console.log(params)
      if (typeof params === 'undefined' || params === null || params === {}) {
        return done(new Error('invalid data from instagram'))
      }
      const profile = params.user

      return doRegisterOrLogin(req, profile, done)
    }
  )
)

As you can see, we can skip the second request and the params object looks something similar to this:

{ access_token: '11970824.2*****0.37f*****e5274***a51643*****abb**',
  user:
   { id: '11970824',
     username: 'dern3rd',
     profile_picture: 'https://...._n.jpg',
     full_name: 'Max',
     bio: 'bio goes here',
     website: 'https://domain.tld',
     is_business: false } }

This helped us a lot, because many requests (around 4%) failed on the second request (because of 'internal server error's from instagram)

OAuth2Strategy error - module not working

Hello folks,

Could someone help please,
I'm trying to use this module to add sign/signup with Instagram to my node web app but I'm getting the following error when trying to run the app.

It's a road-block for me right now as I have spend a long time searching all over the web for any possible tips on how to go about debugging the issue, but no luck so far, could someone be generous enough to give me some guidance as what could possibly be wrong or how to fix this...?

Note: My app is passing the clientID and the secret via the config file.

Thank you so much,
Regards,

/myapp/node_modules/passport-oauth2/lib/strategy.js:82
  if (!options.clientID) { throw new TypeError('OAuth2Strategy requires a clientID option'); }
                                 ^
TypeError: OAuth2Strategy requires a clientID option
    at Strategy.OAuth2Strategy (/myapp/node_modules/passport-oauth2/lib/strategy.js:82:34)
    at new Strategy (/myapp/node_modules/passport-instagram/lib/strategy.js:48:18)
    at Object.setup (/myapp/server/auth/instagram/passport.js:5:16)
    at Object.<anonymous> (/myapp/server/auth/index.js:11:33)
    at Module._compile (module.js:570:32)
    at loader (/myapp/node_modules/babel-register/lib/node.js:144:5)
    at Object.require.extensions.(anonymous function) [as .js] (/myapp/node_modules/babel-register/lib/node.js:154:7)
    at Module.load (module.js:487:32)
    at tryModuleLoad (module.js:446:12)
    at Function.Module._load (module.js:438:3)
    at Module.require (module.js:497:17)
    at require (internal/module.js:20:19)
    at Object.exports.default (/myapp/server/routes.js:15:20)
    at Object.<anonymous> (/myapp/server/app.js:34:1)
    at Module._compile (module.js:570:32)
    at loader (/myapp/node_modules/babel-register/lib/node.js:144:5)
    at Object.require.extensions.(anonymous function) [as .js] (/myapp/node_modules/babel-register/lib/node.js:154:7)
    at Module.load (module.js:487:32)
    at tryModuleLoad (module.js:446:12)
    at Function.Module._load (module.js:438:3)
    at Module.require (module.js:497:17)
    at require (internal/module.js:20:19)
    at Object.<anonymous> (/myapp/server/index.js:12:28)
    at Module._compile (module.js:570:32)
    at Object.Module._extensions..js (module.js:579:10)
    at Module.load (module.js:487:32)
    at tryModuleLoad (module.js:446:12)
    at Function.Module._load (module.js:438:3)
[nodemon] app crashed - waiting for file changes before starting...

Outdated?

Can't get it to work at all - is it outdated?

Example not working

node app.js

/.../app.js:51
var app = express.createServer();
^
TypeError: Object function createApplication() {
var app = function(req, res, next) {
app.handle(req, res, next);
};

mixin(app, proto);
mixin(app, EventEmitter.prototype);

app.request = { proto: req, app: app };
app.response = { proto: res, app: app };
app.init();
return app;
} has no method 'createServer'
at Object. (/.../app.js:51:19)
at Module._compile (module.js:456:26)
at Object.Module._extensions..js (module.js:474:10)
at Module.load (module.js:356:32)
at Function.Module._load (module.js:312:12)
at Function.Module.runMain (module.js:497:10)
at startup (node.js:119:16)
at node.js:906:3

Scope field is not working

I'm giving the scope field to the passport.authenticate() but it doesn't redirect me to the Instagram auth URL with query scope parameters.

Here is my code

Router.get('/instagram/callback', (req, res) => {
    passport.authenticate('instagram', {
        scope: ['user_profile', 'user_media'],
        successRedirect: '/profile', 
        failureRedirect: '/login',  
        session: true
    });

    res.json({'status': 'success'});
});

It redirects the user to the https://www.instagram.com/oauth/authorize/?response_type=code&redirect_uri=https://localhost:3000/auth&client_id=my_client_id
As you can see there is no scope query parameter. And unfortunately, Instagram gives an error like this;

{
"error_type": "OAuthException",
"code": 400,
"error_message": "Invalid scope: []"
}

How can I add scope?

Authenticating Against an Instagram business account

I want to authenticate against an Instagram business account. How can that be achieved with this?

user email

Can we get user email with the api?

logout instagram

Is it possible to logout instagram from our logout api?

linking multiple instagram accounts into an app

Hi,
I love your library it saves me a ton of time managing the authentication with instagram. I'm writing an app in which I would like to link multiple instagram accounts. And the problem I have is after I do passport.authenticate('instagram', { session: false }) the cookie from instagram stays at my browser and I don't see instagram login screen just others screen from my app with error that account is already linked...

Do you have any idea how to get this feature?
I think it's impossible to send POST request to instagram (third party website)

failureRedirect runs even on success

router.get('/instagram', passport.authenticate('instagram'));

router.get('/instagram/callback', passport.authenticate('instagram', {
  failureRedirect: '/'
}), function(req, res){
  res.redirect('/config');
});

The failureRedirect is the one that always runs even when it's successful

	// TODO: Instagram provides user profile information in the access token
	// response. As an optimization, that information should be used, which
	// would avoid the need for an extra request during this step. However,
	// the internal node-oauth module will have to be modified to support
	// exposing this information.