@FrankHassanabad
Last active July 22, 2019 09:10
Using Advanced Rest Client with OAuth2orize's example

Advanced Rest Client with OAuth2orize

For this to work you will need to install the Advanced Rest Client for some of these steps. Of course you will need to install OAuth2orize as well.

Run the oauth2orize provider/server example, which does the server-side OAuth flow:

cd oauth2orize\examples\express2
node app.js

If you open your browser and go to:

http://localhost:3000

You should see the plain text of

OAuth 2.0 Server

which means it's up and running.

Next, put this URL directly into your browser:

http://localhost:3000/dialog/authorize?redirect_uri=http://localhost:3000&response_type=code&client_id=abc123

You should then get back a decision page. It will show the following text and two buttons:

Hi Bob Smith!

Samplr is requesting access to your account.

Do you approve?
[Allow] [Deny]

Click the [Allow] button and you will be redirected back to the redirect_uri given above, with the code attached as a query parameter, like so:

http://localhost:3000/?code=7HMEo1VA1xVS6EkJ

That's your authorization code. You will need to exchange that for a token. Go to your Advanced Rest Client and do a POST using the URL of

http://localhost:3000/oauth/token

Use the Raw payload of:

code=7HMEo1VA1xVS6EkJ&redirect_uri=http://localhost:3000&client_id=abc123&client_secret=ssh-secret&grant_type=authorization_code

And set your content-type to: application/x-www-form-urlencoded

Then you'll get back your token which will look like this:

{
access_token: "nvhxw0MQf9CPbT2fr8FN4uUvGCSmCE2MiTIo14mniaaI5lJiLUwhs1OJc1d6blyJVFfPjlyFX0BhmCgJicpCdfoxJPbsYzl34FLKQDfRjC4uB9F9LlPoMmRrd98g8HN1pqCs6LYMNV24QXfvar87bSKx8f1K5F1gyWsgHbiaa9DpyHNC0NmaXz1ojDprw0aCfGlbZ6osvMng9tTWR1LmegtEJrHslPvRIq0CPXiS2l81VPAPNLUgDYivSnzEY0q7"
token_type: "bearer"
}

From there you exchange that for access to a resource. We'll access the api/userinfo resource. In your Advanced Rest Client use this URL with GET:

http://localhost:3000/api/userinfo

In the header section add the key Authorization with the value Bearer followed by your access_token. It will look like this in Raw:

Authorization: Bearer nvhxw0MQf9CPbT2fr8FN4uUvGCSmCE2MiTIo14mniaaI5lJiLUwhs1OJc1d6blyJVFfPjlyFX0BhmCgJicpCdfoxJPbsYzl34FLKQDfRjC4uB9F9LlPoMmRrd98g8HN1pqCs6LYMNV24QXfvar87bSKx8f1K5F1gyWsgHbiaa9DpyHNC0NmaXz1ojDprw0aCfGlbZ6osvMng9tTWR1LmegtEJrHslPvRIq0CPXiS2l81VPAPNLUgDYivSnzEY0q7

You should then get back your user id like so:

{
user_id: "1"
name: "Bob Smith"
scope: "*"
}

And there you go, Enjoy!
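
The same four steps as a Node script, added here as an example that is not part of the original gist or of oauth2orize. It builds each request with proper form encoding and checks the redirect before using the code. The function names and the file name flow.js are assumptions; the URLs, client id and secret are the ones shown above.

```javascript
// Added example. Values are the ones shown on this page for the example server.
const BASE = 'http://localhost:3000';
const CLIENT = { id: 'abc123', secret: 'ssh-secret', redirectUri: 'http://localhost:3000' };

// Step 1: the URL to open in the browser. URLSearchParams percent-encodes redirect_uri.
function authorizeUrl() {
  const q = new URLSearchParams({
    response_type: 'code', client_id: CLIENT.id, redirect_uri: CLIENT.redirectUri });
  return `${BASE}/dialog/authorize?${q}`;
}

// Step 2: extract the authorization code from the URL the browser lands on.
function codeFromRedirect(landedUrl) {
  const u = new URL(landedUrl);
  if (u.origin !== new URL(CLIENT.redirectUri).origin) throw new Error('unexpected redirect target');
  // RFC 6749 4.1.2.1: a refused request comes back with ?error=... instead of ?code=...
  if (u.searchParams.has('error')) throw new Error('authorization failed: ' + u.searchParams.get('error'));
  const code = u.searchParams.get('code');
  if (!code) throw new Error('no code parameter in redirect');
  return code;
}

// Step 3: the form-encoded POST to /oauth/token.
function tokenRequest(code) {
  const body = new URLSearchParams({
    grant_type: 'authorization_code', code, redirect_uri: CLIENT.redirectUri,
    client_id: CLIENT.id, client_secret: CLIENT.secret });
  return { url: `${BASE}/oauth/token`, method: 'POST', body: body.toString(),
    headers: { 'Content-Type': 'application/x-www-form-urlencoded' } };
}

// Step 4: the GET to /api/userinfo with the token in the Authorization header.
function userinfoRequest(tokenResponse) {
  if (String(tokenResponse.token_type).toLowerCase() !== 'bearer') throw new Error('not a bearer token');
  return { url: `${BASE}/api/userinfo`, method: 'GET',
    headers: { Authorization: `Bearer ${tokenResponse.access_token}` } };
}

// Live run against the example server (Node 18+ for global fetch).
async function runFlow(landedUrl) {
  const t = tokenRequest(codeFromRedirect(landedUrl));
  const tokenResponse = await (await fetch(t.url, t)).json();
  const r = userinfoRequest(tokenResponse);
  return (await fetch(r.url, r)).json();
}

// Usage (flow.js is a hypothetical file name): node flow.js "http://localhost:3000/?code=<your code>"
if (process.argv[2]) runFlow(process.argv[2]).then(console.log, console.error);
```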

andyepx commented Nov 6, 2014

Thanks a lot!

thangnc commented Feb 28, 2015

Awesome 😄

anhldbk commented May 12, 2016

You made my day! Thanks so much.