GithubHelp home page GithubHelp logo

thiago-negri / node-oauth-lite Goto Github PK

View Code? Open in Web Editor NEW

This project forked from niallsmart/node-oauth-lite

0.0 1.0 0.0 137 KB

OAuth 1.0a client library for Node.js

CoffeeScript 63.91% Python 35.49% JavaScript 0.60%

node-oauth-lite's Introduction

Introduction

node-oauth-lite is a lightweight OAuth 1.0a client library for Node.js. It's designed for use with any HTTP client library, and supports Google's [XOAUTH mechanism] (https://developers.google.com/google-apps/gmail/oauth_protocol) for SMTP and IMAP authentication.

Example Usage

Fetching a Request Token

oauth = require("oauth-lite")

state =
  oauth_consumer_key: 'anonymous'       # Google do not require pre-registration of OAuth clients
  oauth_consumer_secret: 'anonymous'
  oauth_callback: 'oob'                 # A web-app would usually provide the provider a callback URL instead.

url = 'https://www.google.com/accounts/OAuthGetRequestToken'

form =                                   # Additional request parameters specific to Google's API
  xoauth_displayname: 'node-oauth-lite'
  scope: 'https://www.googleapis.com/auth/userinfo#email'     

oauth.fetchRequestToken state, url, form, (err, params) ->
  # if the request was successful, the temporary request token
  # is supplied as params.oauth_token and params.oauth_token_secret

Authorizing a Request Token

Once a temporary request token has been generated, the user must authorize access. Usually this involves redirecting the user to an authorization page on the service provider specifying the request token as a query parameter.

If the user grants access, the service provider will provide a verification code (either via a confirmation page or HTTP callback to the client, depending on the oauth_callback parameter above) and then the request token can then be exchanged for a permanent access token.

Exchanging an authorized Request Token for an Access Token

state =
  oauth_consumer_key: 'anonymous'
  oauth_consumer_secret: 'anonymous'
  oauth_token: '<AUTHORIZED-REQUEST-TOKEN>'
  oauth_token_secret: '<AUTHORIZED-REQUEST-TOKEN-SECRET>'
  oauth_verifier: '<VERIFICATION-CODE-FROM-CALLBACK>'

url = 'https://www.google.com/accounts/OAuthGetAccessToken'

oauth.fetchAccessToken state, url, null, (err, params) =>
  # if the request was successful, the permanent access token
  # is supplied as params.oauth_token and params.oauth_token_secret

Using an Access Token

The access token can now be used to make authorized HTTP requests to the service provider on behalf of the user. Requests must include the Authenticate" header as generated by the oauth.makeAuthorizationHeader API.

https = require('https')
urllib = require('url')
oauth = require('oauth-lite')

state =
  oauth_consumer_key: 'anonymous'
  oauth_consumer_secret: 'anonymous'
  oauth_token: '<USERS-ACCESS-TOKEN>'
  oauth_token_secret: '<USERS-ACCESS-TOKEN-SECRET>'
  
url = 'https://www.googleapis.com/userinfo/email'

options = urllib.parse(url, true);
options.url = options
options.method = 'GET'
options.headers =
  'Authorization': oauth.makeAuthorizationHeader(state, options)

https.get options, (response) ->
  response.on 'data', (chunk) ->
    console.log('DATA: ' + chunk)

XOAuth Support

An access token can also be used to authenticate to SMTP and IMAP servers using Google's [XOAUTH mechanism] (https://developers.google.com/google-apps/gmail/oauth_protocol).

urllib = require('url')
oauth = require('oauth-lite')
Imap = require('imap')

state =
  oauth_consumer_key: 'anonymous'
  oauth_consumer_secret: 'anonymous'
  oauth_token: '<USERS-ACCESS-TOKEN>'
  oauth_token_secret: '<USERS-ACCESS-TOKEN-SECRET>'

email = '<USERS-EMAIL>'
url = "https://mail.google.com/mail/b/#{email}/imap/"

options = urllib.parse(url)
options.method = "GET"
icr = oauth.makeClientInitialResponse(state, options)

imap = new Imap(
  xoauth: icr
  host: 'imap.gmail.com',
  port: 993,
  secure: true
)

imap.connect (err) ->
  if (err)
    console.log("IMAP connect failed", err)
    return
  console.log("connected to IMAP server")
  imap.openBox 'INBOX', true, (err, info) ->
    if (!err)
      console.log("#{info.messages.total} messages(s) in INBOX");
    imap.logout();

Reference

Tests

If you have't already done so, globally install nodeunit first with npm install -g nodeunit then run cake test to run the unit tests.

Interactive tests for some common OAuth service providers are in tests/interactive.

node-oauth-lite's People

Watchers

Thiago Negri avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.