From 6b7b8f3198b07b7f0d66f9aa7921242922c66aeb Mon Sep 17 00:00:00 2001
From: ciaranj
Date: Sun, 2 May 2010 15:43:10 +0100
Subject: [PATCH] Added in some basic (but working) OAuth2 support no specs :( .. I suck.
---
 Readme.md | 5 ++-
 examples/facebook.js | 4 ++
 lib/oauth2.js | 98 ++++++++++++++++++++++++++++++++++++++++++++
 seed.yml | 2 +-
 4 files changed, 107 insertions(+), 2 deletions(-)
 create mode 100644 examples/facebook.js
 create mode 100644 lib/oauth2.js
diff --git a/Readme.md b/Readme.md
index e1287cd..30297a6 100644
--- a/Readme.md
+++ b/Readme.md
@@ -2,4 +2,7 @@ node-oauth
 ===========
 A simple oauth API for node.js . This API allows users to authenticate against OAUTH providers, and thus act as OAuth consumers
-Tested against both Twitter (http://twitter.com) and term.ie (http://term.ie/oauth/example/)
\ No newline at end of file
+Tested against both Twitter (http://twitter.com) and term.ie (http://term.ie/oauth/example/)
+
+
+Also provides rudimentary OAuth2 support, tested against facebook connect.
diff --git a/examples/facebook.js b/examples/facebook.js
new file mode 100644
index 0000000..17d43f2
--- /dev/null
+++ b/examples/facebook.js
@@ -0,0 +1,4 @@
+var sys= require('sys')
+var OAuth2= require('../lib/oauth2').OAuth2;
+
+var oa= new OAuth2("113560732012113", "f53a25cf96e19743fdcd189307bf47ac", "https://graph.facebook.com")
\ No newline at end of file
diff --git a/lib/oauth2.js b/lib/oauth2.js
new file mode 100644
index 0000000..62baab2
--- /dev/null
+++ b/lib/oauth2.js
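Review bot: The example in examples/facebook.js hard-codes what look like a live Facebook application id and application secret as the first two arguments of `new OAuth2(...)`, and once pushed they stay readable in the repository history. Read them from the environment instead, for example `var oa= new OAuth2(process.env.FACEBOOK_APP_ID, process.env.FACEBOOK_APP_SECRET, "https://graph.facebook.com")` (the variable names are illustrative). The secret committed here should be treated as exposed and reset in the provider's application settings. `sys` is required in the same file but never used.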
@@ -0,0 +1,98 @@
+var querystring= require('querystring'),
+ crypto= require('crypto'),
+ http= require('http'),
+ URL= require('url');
+
+var sys= require('sys');
+
+exports.OAuth2= function(clientId, clientSecret, baseSite, authorizePath, accessTokenPath) {
+ this._clientId= clientId;
+ this._clientSecret= clientSecret;
+ this._baseSite= baseSite;
+ this._authorizeUrl= authorizePath || "/oauth/authorize"
+ this._accessTokenUrl= accessTokenPath || "/oauth/access_token"
+}
+
+
+
+exports.OAuth2.prototype._getAccessTokenUrl= function( params ) {
+ var params= params || {};
+ params['client_id'] = this._clientId;
+ params['client_secret'] = this._clientSecret;
+ params['type']= 'web_server';
+
+ return this._baseSite + this._accessTokenUrl + "?" + querystring.stringify(params);
+}
+
+exports.OAuth2.prototype._request= function(method, url, headers, access_token, callback) {
+
+ var creds = crypto.createCredentials({ });
+ var parsedUrl= URL.parse( url, true );
+ if( parsedUrl.protocol == "https:" && !parsedUrl.port ) parsedUrl.port= 443;
+ var httpClient = http.createClient(parsedUrl.port, parsedUrl.hostname, true, creds);
+
+ var realHeaders= {};
+ if( headers ) {
+ for(var key in headers) {
+ realHeaders[key] = headers[key];
+ }
+ }
+ realHeaders['Host']= parsedUrl.host;
+ if( access_token ) {
+ if( ! parsedUrl.query ) parsedUrl.query= {};
+ parsedUrl.query["access_token"]= access_token;
+ }
+
+ var request = httpClient.request(method, parsedUrl.pathname + "?" + querystring.stringify(parsedUrl.query), realHeaders );
+
+ httpClient.addListener("secure", function () {
+/* // disable verification for now.
+
+var verified = httpClient.verifyPeer();
+ if(!verified) this.end(); */
+ });
+
+ var result= "";
+ request.addListener('response', function (response) {
+ response.addListener("data", function (chunk) {
+ result+= chunk
+ });
+ response.addListener("end", function () {
+ if( response.statusCode != 200 ) {
+ callback( response.statusCode +" : " + result );
+ } else {
+ callback(null, result, response);
+ }
+ });
+ });
+
+ request.end();
+}
+
+
+exports.OAuth2.prototype.getAuthorizeUrl= function( params ) {
+ var params= params || {};
+ params['client_id'] = this._clientId;
+ params['type'] = 'web_server';
+ return this._baseSite + this._authorizeUrl + "?" + querystring.stringify(params);
+}
+
+exports.OAuth2.prototype.getOAuthAccessToken= function(code, params, callback) {
+ var params= params || {};
+ params['code']= code;
+
+ this._request("POST", this._getAccessTokenUrl(params), {}, null, function(error, data, response) {
+ if( error ) callback(error);
+ else {
+ var results= querystring.parse(data);
+ var access_token= results["access_token"];
+ var refresh_token= results["refresh_token"];
+ delete results["refresh_token"];
+ callback(null, access_token, refresh_token);
+ }
+ });
+}
+
+exports.OAuth2.prototype.getProtectedResource= function(url, access_token, callback) {
+ this._request("GET", url, {}, access_token, callback );
+}
diff --git a/seed.yml b/seed.yml
index 72af404..affd45e 100644
--- a/seed.yml
+++ b/seed.yml
@@ -1,4 +1,4 @@
 ---
 name: oauth
 description: An implementation of an OAuth client.
- version: 0.0.5
+ version: 0.0.6
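Review bot: The "secure" listener in `_request` (lib/oauth2.js) has its `httpClient.verifyPeer()` check commented out, so every request this module makes accepts any server certificate, including the token exchange that carries `client_secret` and the authorization code. Restore the two commented lines and report the failure to the caller rather than only closing the connection, e.g. `if( !httpClient.verifyPeer() ) { this.end(); callback("peer certificate verification failed"); }`. The credentials come from `crypto.createCredentials({ })`, which supplies no CA certificates, so verification presumably cannot succeed until a CA bundle is passed in there. Separately, `_getAccessTokenUrl` places `client_secret` in the query string of the POST, where it tends to be recorded in proxy and server logs; sending it in the request body would keep it out of them.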