/mashape-oauth

OAuth Modules for Node.js - Supporting RSA, HMAC, PLAINTEXT, 2,3-Legged, 1.0a, Echo, XAuth, and 2.0

Primary LanguageJavaScriptMIT LicenseMIT

Mashape OAuth

OAuth Modules for Node.js - Supporting RSA, HMAC, PLAINTEXT, 2,3-Legged, 1.0a, Echo, XAuth, and 2.0

Installation

npm install mashape-oauth

Usage

Require the library and the one you wish to use.

  1. OAuth
  2. getOAuthRequestToken
  3. getOAuthAccessToken
  4. getXAuthAccessToken
  5. Request Methods
  6. OAuth2

Using OAuth (1.x, XAuth, Echo):

var OAuth = require('mashape-oauth').OAuth;
var oa = new OAuth({ /* … options … */ }, callback);
  • options Object OAuth request options
    • echo Object Optional If it exists we treat the request as OAuth Echo request. See Twitter
      • verifyCredentials String What is the credentials URI to delegate against?
    • realm String Optional Access Authentication Framework Realm Value, Commonly used in Echo Requests, allowed in all however: Section 3.5.1
    • requestUrl String Request Token URL. Section 6.1
    • accessUrl String Access Token URL. Section 6.2
    • callback String URL the Service Provider will use to redirect User back to Consumer after obtaining User Authorization has been completed. Section 6.2.1
    • consumerKey String The Consumer Key
    • consumerSecret String The Consumer Secret
    • version String Optional By spec this is 1.0 by default. Section 6.3.1
    • signatureMethod String Type of signature to generate, must be one of:
      • PLAINTEXT
      • RSA-SHA1
      • HMAC-SHA1
    • nonceLength Number Optional Length of nonce string. Default 32
    • headers Object Optional Headers to be sent along with request, by default these are already set.
    • clientOptions Object Optional Contains requestTokenHttpMethod and accessTokenHttpMethod value.
    • parameterSeperator String Optional Seperator for OAuth header parameters. Default is ,

getOAuthRequestToken() - Creating Request Token Call

oa.getOAuthRequestToken({ /* … parameters … */ }, callback);
  • parameters Object Optional Additional Headers you might want to pass along.
    • If omitted, you can treat parameters argument as callback and pass along a function as a single parameter.
  • callback Function Anonymous Function to be invoked upon response or failure.
Example
oa.getOAuthRequestToken(function (error, oauth_token, oauth_token_secret, results) {
  if (error)
    return res.send('Error getting OAuth Request Token: ' + error, 500);
  else
    // Usually a redirect happens here to the /oauth/authorize stage
    return res.send('Successfully Obtained Token & Secret: ' + oauth_token + ' & ' + oauth_token_secret, 200);
});

getOAuthAccessToken() - Creating OAuth Access Token Call

oa.getOAuthAccessToken(options, callback);
  • options Object
    • oauth_verifier String Verification code tied to the Request Token. Section 2.3
    • oauth_token String Request Token
    • oauth_token_secret String Request Token Secret, used to help generation of signatures.
    • parameters Object Optional Additional headers to be sent along with request.
    • callback Function Optional Method to be invoked upon result, over-ridden by argument if set.
  • callback Function Anonymous Function to be invoked upon response or failure, setting this overrides previously set callback inside options object.
Example
oa.getOAuthAccessToken({
  oauth_verifier: 'ssid39b',
  oauth_token: 'request_key',
  oauth_secret: 'request_secret'
}, function (error, token, secret, result) {
  if (error)
    return res.send('Error getting XAuth Access Token: ' + error, 500);
  else
    // Usually you want to store the token and secret in a session and make your requests after this
    return res.send('Successfully Obtained Token & Secret: ' + oauth_token + ' & ' + oauth_token_secret, 200);
});

getXAuthAccessToken() - Creating XAuth Access Token Call

oa.getXAuthAccessToken(username, password, callback);
  • username {String} XAuth Username credentials of User obtaining a token on behalf of
  • password {String} XAuth Password credentials of User obtaining a token on behalf of
  • callback {Function} Anonymous Function to be invoked upon response or failure.
Example
oa.getXAuthAccessToken('nijikokun', 'abc123', function (error, oauth_token, oauth_token_secret, results) {
  if (error)
    return res.send('Error getting XAuth Access Token: ' + error, 500);
  else
    // Usually you want to store the token and secret in a session and make your requests after this
    return res.send('Successfully Obtained Token & Secret: ' + oauth_token + ' & ' + oauth_token_secret, 200);
});

Request Methods

oa.post(options, callback);
oa.get(options, callback);
oa.delete(options, callback);
oa.patch(options, callback);
oa.put(options, callback);

// Alternatively, you can use the old node-oauth style: (Where method is one of five above.)
oa.method(url, oauth_token, oauth_token_secret, body, type, parameters, callback);
  • options {Object} Contains Request Information
    • url {String} URL to be requested upon
    • oauth_token {String} Optional; Dependant upon request step, could be access, or request token.
    • oauth_token_secret {String} Optional; Dependant upon request step
    • body {String} Optional; Body information to be sent along with request.
    • type {String} Optional; Content Request Type
    • parameters {Object} Optional; Additional headers you wish to pass along with your request.
    • callback {Function} Optional; Method to be invoked upon result, over-ridden by argument if set.
  • callback {Function} Method to be invoked upon result, over-rides options callback.

Using OAuth2:

var OAuth2 = require('mashape-oauth').OAuth2;
var oa = new OAuth2({ /* … options … */ }, callback);
  • options {Object} OAuth Request Options
    • clientId {String} Client Identifier
    • clientSecret {String} Client Secret
    • baseUrl {String} Base url of OAuth request
    • authorizationUrl {String} Optional; Authorization endpoint, default is /oauth/authorize
    • authorizationMethod {String} Optional; Authorization Header Method, default is Bearer
    • accessTokenUrl {String} Optional; Access Token Endpoint, default is /oauth/access_token
    • accessTokenName {String} Optional; Access Token Parameter Name, default is access_token
    • headers {Object} Optional; Custom headers we wish to pass along