OAuth Modules for Node.js - Supporting RSA, HMAC, PLAINTEXT, 2,3-Legged, 1.0a, Echo, XAuth, and 2.0
npm install mashape-oauth
Require the library and the one you wish to use.
var OAuth = require('mashape-oauth').OAuth;
var oa = new OAuth({ /* … options … */ }, callback);- options
{Object}OAuth Request Options- echo
{Object}Optional; If it exists we treat the request as an echo request. See Twitter. - echo.verifyCredentials
{String}What is the credentials URI to delegate against? - realm
{String}Optional; Access Authentication Framework Realm Value, Commonly used in Echo Requests, allowed in all however: Section 3.5.1 - requestUrl
{String}Request Token URL, Section 6.1 - accessUrl
{String}Access Token URL, Section 6.2 - callback
{String}URL the Service Provider will use to redirect User back to Consumer after obtaining User Authorization has been completed. Section 6.2.1 - consumerKey
{String}The Consumer Key - consumerSecret
{String}The Consumer Secret - version
{String}Optional; By spec this is1.0by default. Section 6.3.1 - signatureMethod
{String}Type of signature to generate, must be one of:- PLAINTEXT
- RSA-SHA1
- HMAC-SHA1
- nonceLength
{Number}Optional; Length of nonce string. Default32 - headers
{Object}Optional; Headers to be sent along with request, by default these are already set. - clientOptions
{Object}Optional; ContainsrequestTokenHttpMethodandaccessTokenHttpMethodvalue. - parameterSeperator
{String}Optional; Seperator for OAuth header parameters, default is,
- echo
- callback
{String}Optional; callback uri, over-rides options callback.
oa.getOAuthRequestToken({ /* … parameters … */ }, callback);- parameters
{Object}Optional; Additional Headers you might want to pass along.- If omitted, you can treat parameters argument as callback and pass along a function as a single parameter.
- callback
{Function}Anonymous Function to be invoked upon response or failure.
oa.getOAuthRequestToken(function (error, oauth_token, oauth_token_secret, results) {
if (error)
return res.send('Error getting OAuth Request Token: ' + error, 500);
else
// Usually a redirect happens here to the /oauth/authorize stage
return res.send('Successfully Obtained Token & Secret: ' + oauth_token + ' & ' + oauth_token_secret, 200);
});oa.getOAuthAccessToken(options, callback);- options
{Object}- oauth_verifier
{String}Verification code tied to the Request Token. Section 2.3 - oauth_token
{String}Request Token - oauth_token_secret
{String}Request Token Secret, used to help generation of signatures. - parameters
{Object}Optional; Additional headers to be sent along with request. - callback
{Function}Optional; Method to be invoked upon result, over-ridden by argument if set.
- oauth_verifier
- callback
{Function}Method to be invoked upon result, over-rides options callback.
oa.getOAuthAccessToken({
oauth_verifier: 'ssid39b',
oauth_token: 'request_key',
oauth_secret: 'request_secret'
}, function (error, token, secret, result) {
if (error)
return res.send('Error getting XAuth Access Token: ' + error, 500);
else
// Usually you want to store the token and secret in a session and make your requests after this
return res.send('Successfully Obtained Token & Secret: ' + oauth_token + ' & ' + oauth_token_secret, 200);
});oa.getXAuthAccessToken(username, password, callback);- username
{String}XAuth Username credentials of User obtaining a token on behalf of - password
{String}XAuth Password credentials of User obtaining a token on behalf of - callback
{Function}Anonymous Function to be invoked upon response or failure.
oa.getXAuthAccessToken('nijikokun', 'abc123', function (error, oauth_token, oauth_token_secret, results) {
if (error)
return res.send('Error getting XAuth Access Token: ' + error, 500);
else
// Usually you want to store the token and secret in a session and make your requests after this
return res.send('Successfully Obtained Token & Secret: ' + oauth_token + ' & ' + oauth_token_secret, 200);
});oa.post(options, callback);
oa.get(options, callback);
oa.delete(options, callback);
oa.patch(options, callback);
oa.put(options, callback);
// Alternatively, you can use the old node-oauth style: (Where method is one of five above.)
oa.method(url, oauth_token, oauth_token_secret, body, type, parameters, callback);- options
{Object}Contains Request Information- url
{String}URL to be requested upon - oauth_token
{String}Optional; Dependant upon request step, could be access, or request token. - oauth_token_secret
{String}Optional; Dependant upon request step - body
{String}Optional; Body information to be sent along with request. - type
{String}Optional; Content Request Type - parameters
{Object}Optional; Additional headers you wish to pass along with your request. - callback
{Function}Optional; Method to be invoked upon result, over-ridden by argument if set.
- url
- callback
{Function}Method to be invoked upon result, over-rides options callback.
var OAuth2 = require('mashape-oauth').OAuth2;
var oa = new OAuth2({ /* … options … */ }, callback);- options
{Object}OAuth Request Options- clientId
{String}Client Identifier - clientSecret
{String}Client Secret - baseUrl
{String}Base url of OAuth request - authorizationUrl
{String}Optional; Authorization endpoint, default is/oauth/authorize - authorizationMethod
{String}Optional; Authorization Header Method, default isBearer - accessTokenUrl
{String}Optional; Access Token Endpoint, default is/oauth/access_token - accessTokenName
{String}Optional; Access Token Parameter Name, default isaccess_token - headers
{Object}Optional; Custom headers we wish to pass along
- clientId