堆栈内存溢出
  简体   繁体   English

OAuth2授权代码授予流Node.js与客户端混合

[英]OAuth2 Authorization Code Grant Flow Node.js mixed with Client-Side

 原文  2019-08-27 12:14:04       javascript/ node.js/ oauth-2.0

问题描述

I am performing OAuth2 authentication against the Fitbit API. 我正在针对Fitbit API执行OAuth2身份验证。 This all using the Authorization Code Grant Flow. 全部使用授权码授予流程。 So first getting the auth code, being redirected to my application, then exchanging this for the access token and getting data with this token. 因此,首先获取身份验证代码,将其重定向到我的应用程序,然后将其交换为访问令牌,并使用此令牌获取数据。

Starting off at the homePage on the "post_request.html" page, pushing the "fitbit" button, the user is redirected to the Authorization EndPoint of Fitbit. 从“ post_request.html”页面上的主页开始,按“ fitbit”按钮,将用户重定向到Fitbit的授权端点。 I am using Node.js to build a localserver to host the application and to be able to redirect without any problem.. 我正在使用Node.js构建本地服务器来托管应用程序,并且能够重定向而没有任何问题。

My HTML file is the following, with inline script.. 我的HTML文件如下,带有内联脚本。 

<!DOCTYPE html>
<html lang = "en">  <!–– language check you can perform ––>

    <head>
        <meta charset="utf-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
        <meta name="viewport" content="width=device-width, initial-scale=1";>                                                             <!–– necessary to make the website responsive, zoom level to 1 ––>
        <title>API Fitbit OAuth2</title>
        <meta name="description" content="Planner for Trail Running">                                                                     <!–– this part will be used in SEM, result of content strategy workshops ––>
        <meta name="author" content="Niels">                                                                         <!–– make sure this refers to the right css sheet ––>
    </head>

    <body>

        <button onclick="fitbitAuth()">Fitbit</button>

        <!-- action = route, method = method -->
        <form action="/" method="POST" id="form">
            <h3>Email Address:</h3>
            <input type="email">
            <br>
            <h3>Password:</h3>
            <input type="password">     
            <br>
            <br>
            <button type="submit">Send Request</button>   
        </form>

    <script>
            // run this script upon landing back on the page with the authorization code 
            var url_terug = window.location.search;
            var auth_code = url_terug.substr(6);
            console.log(auth_code);

            // get the authorization code out of the response 
            // execute a POST request with the right parameters 
            // get the access token out of the JSON response 
            // execute a GET request on the API endpoint 
            // handle the data 

            // upon clicking fitbit button, starting off the oauth2 authentication 
            function fitbitAuth() {

                window.location.href = 'https://www.fitbit.com/oauth2/authorize?client_id=MYCLIENTID&response_type=code&scope=activity&redirect_uri=http://localhost:3000/fitbit&prompt=consent';

            }

        </script>

    </body>
    </html>

My question is on the Node.js side.. I am quite new to Node.. How can I add proper error handling to the page in the method "app.get(/fitbit)"? 我的问题是在Node.js方面。我对Node还是很陌生。如何在方法“ app.get(/ fitbit)”中向页面添加适当的错误处理? 

// PROJECT making a POST request 
const express = require("express");
const app = express();
const filesys = require("fs");
const path = require("path");
// body parser module parses form data into server
const body_parse = require("body-parser");

// middleware
app.use('/public', express.static(path.join(__dirname, 'static')));
// allows us to parse url encoded forms 
app.use(body_parse.urlencoded({extended: false}));

// using readstream with chunks in buffer with security on the path 
app.get("/fitbit", (req, res) => {

    const readStream = filesys.createReadStream(path.join(__dirname,'static','post_request.html'));
    res.writeHead(200, {'Content-type' : 'text/html'});
    readStream.pipe(res);

});

// bodyparser parses data and adds to the body of the request 
app.get("/", (req, res, err) => {

    const readStream = filesys.createReadStream(path.join(__dirname,'static','post_request.html'));
    res.writeHead(200, {'Content-type' : 'text/html'});
    readStream.pipe(res);

});

app.listen(3000);

1 个解决方案

解决方案1
 1  2019-08-27 12:35:56

This page describing basic error handling in Express might be helpful to you. 页面描述了Express中的基本错误处理可能对您有所帮助。 It's hard to give any more specific information because we do not know what type of errors you anticipate getting. 很难提供任何更具体的信息,因为我们不知道您预计会遇到什么类型的错误。

If you mean specifically with createReadStream, the methods discussed here might be helpful to you: 如果您专门指的是createReadStream,则此处讨论的方法可能对您有所帮助: 

readStream = filesys.createReadStream(path.join(__dirname,'static','post_request.html'));
readStream.on('error', function(){ /*handle error*/ });
res.writeHead(200, {'Content-type' : 'text/html'});
readStream.pipe(res);

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用Jasmine和node.js测试客户端javascript代码 - Testing client-side javascript code with Jasmine and node.js 获取客户端javascript代码中可用的node.js服务器端对象 - Get node.js server-side object available in client-side javascript code 使用客户端凭据流进行Swashbuckle OAuth2授权 - Swashbuckle OAuth2 Authorization with Client Credentials Flow 客户端js获取node.js API调用 - Client-side js to fetch node.js API calls 记录来自 Puppeteer Node.js 进程的客户端代码中的 `console` 调用 - Log `console` calls made in client-side code from the Puppeteer Node.js process 在客户端javascript代码中重用Node.js中的Web模型 - Re-use web models from Node.js in the client-side javascript code Node.js:打包客户端Web应用程序 - Node.js: Package a Client-side Web Application 客户端文件的node.js模糊处理工具 - node.js obfuscate tool for client-side files 实现与 node.js 兼容的客户端“要求”function - Implementation of a client-side 'require' function compatible with node.js 在Node.js项目上运行客户端javascript - Running client-side javascript on a Node.js project
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM