OAuth 2.0

    The OAuth2 module provides abstractions over OAuth 2.0 providers like Facebook, GitHub and Google.

    Examples

    createOAuth2Client(options): OAuth2Client

    Creates an OAuth 2.0 client.

    Arguments

    • options: Object

    An object with the following properties:

    • authEndpoint: string

    The fully-qualified URL of the provider’s authorization endpoint.

    • tokenEndpoint: string

    The fully-qualified URL of the provider’s.

    • refreshEndpoint: string (optional)

    The fully-qualified URL of the provider’s refresh token endpoint.

    • activeUserEndpoint: string (optional)

    The fully-qualified URL of the provider’s endpoint for fetching details about the current user.

    • clientId: string

    The application’s Client ID (or App ID) for the provider.

    • clientSecret: string

    The application’s Client Secret (or App Secret) for the provider.

    Returns an OAuth 2.0 client for the given provider.

    If you want to use Facebook as the OAuth 2.0 provider, use the following options:

    • authEndpoint:
    • tokenEndpoint: https://graph.facebook.com/oauth/access_token
    • activeUserEndpoint:

    You also need to obtain a client ID and client secret from Facebook:

    • Visit the page.
    • Click on Apps in the menu, then select Register as a Developer (the only option) and follow the instructions provided. You may need to verify your account by phone.
    • Click on Apps in the menu, then select Create a New App and follow the instructions provided.
    • Open the app dashboard, then note down the App ID and App Secret. The secret may be hidden by default.
    • Click on Settings, then Advanced and enter one or more Valid OAuth redirect URIs. At least one of them must match your redirect_uri later. Don’t forget to save your changes.
    • Set the option clientId to the App ID and the option clientSecret to the App Secret.

    If you want to use GitHub as the OAuth 2.0 provider, use the following options:

    If you want to use Google as the OAuth 2.0 provider, use the following options:

    • authEndpoint:
    • tokenEndpoint: https://accounts.google.com/o/oauth2/token
    • Create a regular account at or use an existing account you own.

    • Visit the Google Developers Console.
    • Click on Create Project, then follow the instructions provided.
    • When your project is ready, open the project dashboard, then click on Enable an API.
    • Enable the Google+ API to allow your app to distinguish between different users.
    • Open the Credentials page and click Create new Client ID, then follow the instructions provided. At least one Authorized Redirect URI must match your redirect_uri later. At least one Authorized JavaScript Origin must match your app’s fully-qualified domain.
    • When the Client ID is ready, note down the Client ID and Client secret.
    • Set the option clientId to the Client ID and the option clientSecret to the Client secret.

    oauth2.getAuthUrl(redirect_uri, args): string

    Generates the authorization URL for the authorization endpoint.

    Arguments

    • redirect_uri: string

    The fully-qualified URL of your application’s OAuth 2.0 callback.

    • args: (optional)

    An object with any of the following properties:

    • response_type: string (Default: "code") See .

    Returns a fully-qualified URL for the authorization endpoint of the provider by appending the client ID and any additional arguments from args to the authEndpoint.

    Exchanges a grant code for an access token.

    Performs a POST request to the tokenEndpoint.

    Arguments

    • code: string

    A grant code returned by the provider’s authorization endpoint.

    • redirect_uri: string

    The original callback URL with which the code was requested.

    • args: Object (optional)

    An object with any of the following properties:

    • grant_type: string (Default: "authorization_code")

    See RFC 6749.

    Returns the parsed response object.

    oauth2.fetchActiveUser(access_token): Object

    Fetches details of the active user.

    Performs a GET request to the activeUserEndpoint.

    Throws an exception if the remote server responds with an empty response body.

    Returns null if the activeUserEndpoint is not configured.

    Arguments

    • access_token: string

    An OAuth 2.0 access token as returned by exchangeGrantToken.

    Returns the parsed response object.

    Examples

    const authData = oauth2.exchangeGrantToken(code, redirect_uri);
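
The check a callback route should run before handing the code to exchangeGrantToken, shown as an added example in plain Node.js; it is not code from this module or its documentation. buildAuthUrl, newState and checkCallback are hypothetical names, the endpoint and client ID are constructed placeholders, and the state parameter comes from RFC 6749 (passed through args), not from this page.

```javascript
// Added example: plain Node.js, not the OAuth2 module's own implementation.
const { randomBytes, timingSafeEqual } = require('crypto');

// Hypothetical stand-in for the URL construction getAuthUrl is described as doing:
// the client ID, callback and any extra args become query parameters on authEndpoint.
function buildAuthUrl(options, redirectUri, args = {}) {
  const url = new URL(options.authEndpoint);
  // args may override response_type, but never client_id or redirect_uri.
  const params = { response_type: 'code', ...args,
                   client_id: options.clientId, redirect_uri: redirectUri };
  for (const [k, v] of Object.entries(params)) url.searchParams.set(k, v);
  return url.toString();
}

// Unguessable per-login value: sent as args.state and kept in the user's session.
function newState() {
  return randomBytes(32).toString('base64url');
}

// Run in the callback route before exchanging the code.
// Returns the grant code, or throws if the response must not be trusted.
function checkCallback(query, session) {
  if (query.error) throw new Error(`provider returned error: ${query.error}`);
  const got = Buffer.from(String(query.state || ''));
  const want = Buffer.from(String(session.oauthState || ''));
  if (want.length === 0 || got.length !== want.length || !timingSafeEqual(got, want)) {
    throw new Error('state mismatch'); // forged or replayed callback
  }
  delete session.oauthState; // a state value is accepted once only
  if (typeof query.code !== 'string' || query.code === '') throw new Error('missing code');
  return query.code;
}

// Constructed sample values (placeholders, not real endpoints or credentials).
const options = { authEndpoint: 'https://provider.example/oauth/authorize',
                  clientId: 'my-client-id' };
const redirectUri = 'https://app.example/oauth/callback';
const session = { oauthState: newState() };
const authUrl = buildAuthUrl(options, redirectUri, { state: session.oauthState });
console.log(authUrl);
```

The code returned by checkCallback is then passed to exchangeGrantToken together with the same redirect_uri that was used to build the authorization URL.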