var connect = require('connect');
//var MemoryStore = require('connect/middleware/session/memory');
var auth= require('../lib');
var url= require('url');
var OAuthDataProvider= require('./in_memory_oauth_data_provider').OAuthDataProvider;
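/**
 * Write the username/password login form for an OAuth authorisation request.
 *
 * Both `token` and `flash` are placed inside HTML. `token` originates from the
 * request (query string or posted body), so it is HTML-escaped before it is
 * interpolated; otherwise a crafted oauth_token value could break out of the
 * attribute and inject markup into the login page.
 *
 * @param {Object} res    HTTP response; only writeHead() and end() are used.
 * @param {*}      token  Request token echoed back in the hidden oauth_token
 *                        field. null/undefined is rendered as an empty value.
 * @param {*}      [flash] Optional message shown above the form, as text.
 */
var renderAuthenticationForm = function(res, token, flash) {
  // Escapes the five characters that matter in element content and in
  // double- or single-quoted attribute values.
  var escapeHtml = function(value) {
    if (value === null || value === undefined) {
      return '';
    }
    return String(value)
      .replace(/&/g, '&amp;')
      .replace(/</g, '&lt;')
      .replace(/>/g, '&gt;')
      .replace(/"/g, '&quot;')
      .replace(/'/g, '&#39;');
  };

  res.writeHead(200, {'Content-Type': 'text/html'});

  var error = '';
  if (flash) {
    error = '<h3>' + escapeHtml(flash) + '</h3>';
  }

  // The closing tags (</label>, </table>, </form>) were malformed in the
  // earlier markup and are written out correctly here.
  res.end([
    '<html>',
    '<body>',
    '<h2>Login</h2>',
    error,
    '<form method="post">',
    '<input type="hidden" name="oauth_token" value="' + escapeHtml(token) + '"/>',
    '<table>',
    '<tr><td><label>User name</label></td><td><input type="text" name="username"/></td></tr>',
    '<tr><td><label>Password</label></td><td><input type="password" name="password"/></td></tr>',
    '</table>',
    '<div><input type="submit" value="Authorize"/></div>',
    '</form>',
    '</body>',
    '</html>'
  ].join('\n'));
};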
/**
 * Show the login form for the request token named in the query string.
 *
 * The oauth_token value is read straight from the request URL and is therefore
 * caller-controlled: whatever renders it must HTML-escape it before placing it
 * in markup. It is undefined when the parameter is absent.
 *
 * @param {Object} req  Request; only req.originalUrl is read.
 * @param {Object} res  Response handed on to the form renderer.
 */
var authenticateProvider = function(req, res) {
  var requestToken = url.parse(req.originalUrl, true).query.oauth_token;
  renderAuthenticationForm(res, requestToken);
};
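/**
 * Handle the post back from the OAuth authentication step. On failure the
 * login form is shown again; on success a consent page is rendered that lets
 * the user authorise the application (further authorisation levels can be
 * built in here).
 *
 * Every value interpolated into the consent page is HTML-escaped. The
 * application title and description are supplied by whoever registered the
 * consumer, and the token, verifier and user name travel through the request,
 * so none of them can be trusted as markup.
 *
 * @param {*}      err          Truthy when authentication failed.
 * @param {Object} req          Request (not read here).
 * @param {Object} res          Response; writeHead() and end() are used.
 * @param {*}      authorized   Not read here.
 * @param {Object} authResults  Supplies `token` and, on success, `verifier`.
 * @param {Object} application  Supplies `title` and `description`.
 * @param {Object} user         Supplies `username`.
 */
var authorizeProvider = function(err, req, res, authorized, authResults, application, user) {
  // Escapes the five characters that matter in element content and in
  // double- or single-quoted attribute values.
  var escapeHtml = function(value) {
    if (value === null || value === undefined) {
      return '';
    }
    return String(value)
      .replace(/&/g, '&amp;')
      .replace(/</g, '&lt;')
      .replace(/>/g, '&gt;')
      .replace(/"/g, '&quot;')
      .replace(/'/g, '&#39;');
  };

  if (err) {
    // The token is passed on raw: escaping is the form renderer's job, and
    // escaping it here as well would double-encode it. The failure message is
    // deliberately generic so it does not reveal whether the user exists.
    renderAuthenticationForm(res, authResults.token, 'No such user or wrong password');
    return;
  }

  // NOTE(review): no anti-CSRF token or framing protection is visible on this
  // consent form; confirm whether the library adds them before reusing this.
  res.writeHead(200, {'Content-Type': 'text/html'});
  res.end([
    '<html>',
    '<body>',
    '<h2>Login</h2>',
    '<form method="post">',
    '<input type="hidden" name="oauth_token" value="' + escapeHtml(authResults.token) + '"/>',
    '<input type="hidden" name="verifier" value="' + escapeHtml(authResults.verifier) + '"/>',
    '<table>',
    '<tr><td>Application Title</td><td>' + escapeHtml(application.title) + '</td></tr>',
    '<tr><td>Application Description</td><td>' + escapeHtml(application.description) + '</td></tr>',
    '<tr><td>User name</td><td>' + escapeHtml(user.username) + '</td></tr>',
    '</table>',
    '<div><input type="submit" value="Authorize"/></div>',
    '</form>',
    '</body>',
    '</html>'
  ].join('\n'));
};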
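/**
 * Render the final page once authentication and authorisation have both
 * succeeded, showing the request token and its verifier.
 *
 * The token and verifier are HTML-escaped before being written into the page,
 * both in the hidden fields and in the visible table.
 *
 * NOTE(review): `err` is not inspected. If the library can call this with an
 * error and no `result`, reading result.token will throw; confirm the calling
 * contract and add an error page if needed.
 *
 * @param {*}      err     Not read here.
 * @param {Object} req     Request (not read here).
 * @param {Object} res     Response; writeHead() and end() are used.
 * @param {Object} result  Supplies `token` and `verifier`.
 */
var authorizationFinishedProvider = function(err, req, res, result) {
  // Escapes the five characters that matter in element content and in
  // double- or single-quoted attribute values.
  var escapeHtml = function(value) {
    if (value === null || value === undefined) {
      return '';
    }
    return String(value)
      .replace(/&/g, '&amp;')
      .replace(/</g, '&lt;')
      .replace(/>/g, '&gt;')
      .replace(/"/g, '&quot;')
      .replace(/'/g, '&#39;');
  };

  var safeToken = escapeHtml(result.token);
  var safeVerifier = escapeHtml(result.verifier);

  res.writeHead(200, {'Content-Type': 'text/html'});
  res.end([
    '<html>',
    '<body>',
    '<h2>Authentication and Authorization Finished, Application can now access</h2>',
    '<input type="hidden" name="oauth_token" value="' + safeToken + '"/>',
    '<input type="hidden" name="oauth_verifier" value="' + safeVerifier + '"/>',
    '<table>',
    '<tr><td>Token</td><td>' + safeToken + '</td></tr>',
    '<tr><td>Verifier</td><td>' + safeVerifier + '</td></tr>',
    '</table>',
    '</body>',
    '</html>'
  ].join('\n'));
};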
// Demo server wiring: body parsing and request logging first, then the auth
// middleware with a single OAuth provider strategy, then one protected route.
var app = connect();
app.use(connect.bodyParser());
app.use(connect.logger());

// The consumer key/secret and the foo/bar account are fixed sample values that
// ship with this example, held in an in-memory provider with the password in
// plaintext. They must never be reused for a real consumer or user.
var oauthDataProvider = new OAuthDataProvider({
  applications: [{title:'Test', description:'Test App', consumer_key:"JiYmll7CX3AXDgasnnIDeg", secret:"mWPBRK5kG2Tkthuf5zRV1jYWOEwnjI6xs3QVRqOOg"}],
  users: [{username:'foo', password:'bar'}]
});

var oauthStrategy = auth.Oauth({
  oauth_provider: oauthDataProvider,
  authenticate_provider: authenticateProvider,
  authorize_provider: authorizeProvider,
  authorization_finished_provider: authorizationFinishedProvider
});

// NOTE(review): `trace` presumably turns on verbose auth tracing; confirm that
// it does not write tokens or passwords to the log before enabling it anywhere
// other than a local demo.
app.use(auth({
  strategies: [oauthStrategy],
  trace: true
}));

// Protected resource: answers 200 only when the OAuth strategy authenticates
// the request, otherwise 401. The `error` argument is not inspected.
var fetchUnicorns = function(req, res, params) {
  req.authenticate(['oauth'], function(error, authenticated) {
    var status = authenticated ? 200 : 401;
    var body = authenticated
      ? 'The unicorns fly free tonight'
      : 'Doubt you\'ll ever see this.';
    res.writeHead(status, {'Content-Type': 'text/plain'});
    res.end(body);
  });
};
app.use('/fetch/unicorns', fetchUnicorns);

// No host argument is given, so the server listens on all interfaces over
// plain HTTP; OAuth credentials sent to it are not protected in transit.
app.listen(3000);