GitHub Simple OAuth

GitHubOauth.js

/*
GitHub Simple OAuth
=================================================================================

## Requisites: you need the next Node.JS modules:
- express, v4.x
- express-session
- request

## Auth: Add the next urls to yor login router:

//-> Authorize: redirects to the authorize form on GitHub:
router.get('/login/authorize', oauth.Authorize);

//-> Access Token: generates the user access token
router.get('/login/access', oauth.AccessToken, <CONTINUE FUNCTION>);

//-> Destroy: destroy the access token == logout
router.get('/logout', oauth.Destroy, <CONTINUE FUNCTION>);


## Get info: you can access to the user information with:

//-> req.session.oauth.client_app : App name
//-> req.session.oauth.client_id : App ID

//-> req.session.oauth.state : Saves the access state
//-> req.session.oauth.code : Saves the code
//-> req.session.oauth.access_token : Saves the access token

//-> req.session.oauth.error : true if the user is not logged in, false if user has logged in

*/

//Url def
var url_auth = 'https://github.com/login/oauth/authorize';
var url_token = 'https://github.com/login/oauth/access_token';

//Client def
var client_app = '<YOUR_APP_NAME>';
var client_id = '<YOUR_CLIENT_ID>';
var client_secret = '<YOUR_SECRET_CODE>';
var client_scope = '<YOUR_SCOPE>';

//Import dependencies
var request = require('request');
var util = require('util');

//Function for generate a new State
function GenState()
{
  //Generates two random strings
  var str1 = Math.random().toString(36).slice(2);
  var str2 = Math.random().toString(36).slice(2);

  //Return the concatenate
  return str1 + str2;
}

//Function for generate the access token data
function GenAccessTokenData(code, state)
{
  //Initialize
  var data = {};

  //Add the elements
  data.client_id = client_id; //Add the client_id
  data.client_secret = client_secret; //Add the client secret
  data.code = code; //Add the code
  data.state = state; //Add the state

  //Return
  return data;
}

//Function for authorize user
exports.Authorize = function(req, res, next)
{
  //Generates the new state
  var state = GenState();

  //Initialize the session
  req.session.oauth = {};

  //Save the state
  req.session.oauth.state = state;

  //Save the client
  req.session.oauth.client_app = client_app;
  req.session.oauth.client_id = client_id;

  //Generates the new Url
  var url = url_auth + '?client_id=' + client_id + '&scope=' + client_scope + '&state=' + state;

  //redirect
  res.redirect(url);
};

//Function for access toke
exports.AccessToken = function(req, res, next)
{
  //Get the query params
  req.session.oauth.code = req.query.code;

  //Save the access error
  req.session.oauth.error = true;

  //Check the state
  if(req.query.state !== req.session.oauth.state)
  {
    //The request has been created by a third party --> abort
    return next();
  }

  //Make the request for get the access token
  //First, generate the data
  var pData = GenAccessTokenData(req.session.oauth.code, req.session.oauth.state);

  //Generates the request object
  var robj = { url: url_token, method: 'POST', headers: { 'Accept': 'application/json'}, json: true, body: pData };

  //Generate the request
  request(robj, function (error, response, body){

    //Save the access_token
    req.session.oauth.access_token = body.access_token;

    //Save no error
    req.session.oauth.error = false;

    //Continue
    return next();

  });
};

//Destroy session
exports.Destroy = function(req, res, next)
{
  //Destroy the access_token
  req.session.oauth.access_token = null;

  //Destroy the complete session
  req.session.oauth = null;

  //next
  return next();
};