mohd7469 / oauth2orize-examples Goto Github PK
View Code? Open in Web Editor NEWSome oauth examples and implementation.
License: MIT License
Some oauth examples and implementation.
License: MIT License
Hi,
whenever I make a post request to get token i got 'Unauthorized' as response. please Help!
below is my request:-
url:- http://localhost:3000/oauth/token
request:- {
"grant_type": "authorization_code",
"code": "gZl67viNzaVvJgfx",
"redirect_uri": "http://localhost:3000/account",
"client_id": "abc123",
"state": "12345"
}
I am using your example, but want to host it on a path other than /
. Is there a property I can set (or other approach) to achieve this simply?
It'd be great if we could have an example working with SwaggerExpress
Hi.
My question is:
Why do we need to check client twice? Isn't it enough to fetch client in passport strategy and then simply use client object which was passed down to oauth2orize clientCredentials exchange handler? Or this duplication is just for demo purposes?
Thank you!
Hi,
I was able to get the auth code but when i call the token api, i get Unauthorised 401 Error,
I am passing these values in the url
http://localhost:3000/oauth/token?grant_type=authorization_code&code=tncHiOrBZRcvjJQ1&redirect_uri=http://localhost:3000/account&client_id=abc123&client_secret=ssh-secret
Please help with his, I am stuck.
In the oauth2.js, I can see user.has_token and client.isTrusted, but I cannot find those method in the user and client models. Where is these method specified?
The code in the Grant Flow doesn't invalidate the Authorization Code after it's used to successfully issue an access token, so you can reuse the authorization code to issue another access token. It's recommended to have authorization codes expire after some short window and to mark them as used once you've issued a token. The OAuth site goes into more detail about Authorization Codes here.
I'd be happy to make a pull request to expire tokens and remove them after they've been used (or at least invalidate them. Or at a minimum I can make a PR to add some comments to note how it should be done if implemented in a live application.
curl -X POST "http://localhost:3000/oauth/token" -d "grant_type=password&client_id=abc123&client_secret=ssh-secret&username=bob&password=secret"
Error: {"error":"server_error","error_description":"authCode is not defined"}
Consider replacing getUid()
with secure-random-string for cryptographically secure random numbers.
It has the option to continue to make them 16 characters log as before if you prefer.
I have an error when accessing /dialog/authorize
after logged in.
the error message shown below
AuthorizationError: Missing required parameter: response_type at /var/www/html/oauth2orize-examples/node_modules/oauth2orize/lib/middleware/authorization.js:120:46 at pass (/var/www/html/oauth2orize-examples/node_modules/oauth2orize/lib/server.js:295:26) at pass (/var/www/html/oauth2orize-examples/node_modules/oauth2orize/lib/server.js:313:9) at pass (/var/www/html/oauth2orize-examples/node_modules/oauth2orize/lib/server.js:313:9) at Server._parse (/var/www/html/oauth2orize-examples/node_modules/oauth2orize/lib/server.js:318:5) at authorization (/var/www/html/oauth2orize-examples/node_modules/oauth2orize/lib/middleware/authorization.js:118:12) at Layer.handle [as handle_request] (/var/www/html/oauth2orize-examples/node_modules/express/lib/router/layer.js:95:5) at next (/var/www/html/oauth2orize-examples/node_modules/express/lib/router/route.js:137:13) at /var/www/html/oauth2orize-examples/node_modules/connect-ensure-login/lib/ensureLoggedIn.js:50:5 at Layer.handle [as handle_request] (/var/www/html/oauth2orize-examples/node_modules/express/lib/router/layer.js:95:5)
I accidentally miss saving my user.id, so the clientID is used for BearerStrategy and found this bug.
I think in auth.js line 100
db.clients.findByClientId
should be change with
db.clients.find
Current version of express is 2.x
, would be nice to update to latest (4.x
)
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.