Created
August 24, 2017 17:14
-
-
Save lasergoat/2d90c7890977b00a259aad87f67ba896 to your computer and use it in GitHub Desktop.
oauth with passport for intuit
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const auth = require('./util/auth-util'); | |
| const merchant = require('./util/merchant-util'); | |
| const session = require('express-session'); | |
| const passport = require('passport'); | |
| const IntuitStrategy = require('passport-intuit-oauth').Strategy; | |
| const port = process.env.PORT || 3000; | |
| console.info(['STARTUP ENVIRONMENT: ', process.env.NODE_ENV || 'unknown'].join(' ')); | |
| app.use(cors()); | |
| app.use(bodyParser.urlencoded({ extended: false })); | |
| app.use(bodyParser.json()); | |
| app.use(session({ | |
| resave: false, | |
| saveUninitialized: true, | |
| secret: process.env.SESSION_SECRET | |
| })); | |
| app.use(passport.initialize()); | |
| app.use(passport.session()); | |
| passport.serializeUser(function(req, user, done) { | |
| console.log('serializeUser----user-----', user); | |
| done(null, user); | |
| }); | |
| passport.deserializeUser(function(req, obj, done) { | |
| console.log('deserializeUser----obj-----', obj); | |
| done(null, obj); | |
| }); | |
| passport.use( | |
| new IntuitStrategy({ | |
| consumerKey: process.env.INTUIT_CONSUMER_KEY, | |
| consumerSecret: process.env.INTUIT_CONSUMER_SECRET, | |
| callbackURL: `http://localhost:${port}/oauth/callback`, | |
| }, function(token, tokenSecret, profile, done) { | |
| done(null, profile) | |
| }) | |
| ); | |
| // this is the call to start the oauth process | |
| // to hit this route, my user needs a JWT token which I get with middleware | |
| // we give the user a session | |
| app.get('/oauth/intuit/:token', | |
| jwt({ | |
| secret: process.env.JWT_SECRET, | |
| getToken: function fromHeaderOrQuerystring (req) { | |
| return req.params.token; | |
| } | |
| }), | |
| // this middleware finds the user id from the jwt and gets their record out of the DB | |
| auth.grabAuthSet, | |
| // this pulls more stuff out of the DB | |
| auth.grabIntegration, | |
| function(req, res, next) { | |
| // now that we have the user's identity from my DB | |
| // add it to the users' session | |
| console.log(req._integration.integration_id) | |
| req.session.integrationId = req._integration.integration_id; | |
| req.session.user = req._user; | |
| next(); | |
| }, | |
| passport.authenticate('intuit') | |
| ); | |
| // this gets called when Intuit redirects the user back to my server | |
| app.get('/oauth/callback', | |
| passport.authenticate('intuit', { failureRedirect: '/oauth/error' }), | |
| merchant.updateMerchantIntegration, | |
| function(req, res) { | |
| // we stored the user's identity in a session, so retrieve it and destroy the session | |
| // we only needed the session till now | |
| // todo: using the user's identity from my session and the new oauth token in req.query | |
| // store the token in their DB record and return. | |
| // most people would want to actually redirect back to their frontend here... | |
| req.session.destroy(function(err) { | |
| res.status(200).json( | |
| 'done' | |
| ); | |
| }) | |
| } | |
| ); | |
| app.get('/oauth/error', | |
| function(req, res) { | |
| console.log(req.session); | |
| return res.status(400).json( | |
| 'error' | |
| ); | |
| } | |
| ); | |
| const server = app.listen(port, function() { | |
| const port = server.address().port; | |
| const addr = server.address().address; | |
| console.info('Proxy Gateway listening on http://%s:%s', addr, port); | |
| }); | |
| // for testing | |
| module.exports = server; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment