Created
November 21, 2018 10:39
-
-
Save adambutler/d54c5fa47c469d3febf9c73effd21dc4 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Step One: Generate a verifier | |
function base64URLEncode(str) { | |
return str.toString('base64') | |
.replace(/\+/g, '-') | |
.replace(/\//g, '_') | |
.replace(/=/g, '') | |
} | |
var verifier = base64URLEncode(crypto.randomBytes(32)) | |
// Step Two: Generate a challenge from the verifier | |
function sha256(buffer) { | |
return crypto.createHash('sha256').update(buffer).digest() | |
} | |
var challenge = base64URLEncode(sha256(verifier)) | |
// Step Three: Direct your user to the GET /oauth/authorize endpoint | |
// | |
// Example URL: https://example.org/oauth/authorize | |
// Params: client_id=<CLIENT_ID> | |
// redirect_uri=http://127.0.0.1:8990/callback | |
// response_type=code | |
// code_challenge=<CHALLENGE_VAR> | |
// code_challenge_method=S256 | |
// Step Four: Callback is given code parameter. | |
var code = request.parameters('code') | |
// Step Five: Request token providing the code_verifier | |
// Example URL: https://example.org/oauth/token | |
// Params: client_id=<CLIENT_ID> | |
// redirect_uri=http://127.0.0.1:8990/callback | |
// grant_type=authorization_code | |
// code=<CODE_VAR> | |
// code_verifier=<VERIFIER_VAR> | |
fetch(url, { method: 'POST' }) | |
.then((res) => { res.json() }) | |
.then((payload) => { | |
var accessToken = payload.access_token | |
}) | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment