Script for generating an OAuth token using MyVinli credentials

README.md

Vinli OAuth Token Generator

This script uses your application's OAuth clientId and redirectUri (set up in the developer portal as a "Web" client type) to allow a MyVinli user to authorize your application. To use:

1. Copy oauth-gen.js and package.json to the same directory.
2. Run npm install.
3. Run node oauth-gen.js and follow the prompts.

If successful, the script will print out the Bearer token. You can use this token to access the Vinli Platform API on behalf of a single user or use your Application's BasicAuth credentials (available in the dev portal) to access this user's devices as part of all the available devices.

oauth-gen.js

'use strict';

var B = require('bluebird');
var prompt = require('prompt');
var yarp = require('yarp');
var Cheerio = require('cheerio');
var Qs = require('querystring');
var Url = require('url');
var authOrigin = 'https://auth.vin.li';
var clientId;
var redirectUri;

var cookieRegex = /(?:[^\x00-\x20\(\)<>@\,;\:\\"\/\[\]\?\=\{\}\x7F]+)\s*=\s*(?:([^\x00-\x20\"\,\;\\\x7F]*))/;

var extractCookie = function(headers) {
  return headers['set-cookie'][0].match(cookieRegex)[0];
};

prompt.start();

B.promisify(prompt.get, prompt)([ 'email', 'password', 'clientId', 'redirectUri' ]).then(function(result) {
  if (result.clientId.trim()) {
    clientId = result.clientId;
  }

  if (result.redirectUri.trim()) {
    redirectUri = result.redirectUri;
  }

  console.log('\nSigning in to ' + result.email + ' MyVinli account...');

  return yarp({
    method: 'POST',
    url: authOrigin + '/api/v1/sessions',
    json: {
      session: {
        email: result.email,
        password: result.password
      }
    }
  }, true);
}).then(function(resp) {
  if (resp.statusCode === 400 || resp.statusCode === 401) {
    throw new Error('Invalid login credentials');
  }
  var cookie = extractCookie(resp.headers);

  console.log('Authenticated user.  Initiation OAuth flow for application...');

  return B.all([
    cookie,
    yarp({
      followRedirect: false,
      url: authOrigin + '/oauth/authorization/new',
      qs: {
        client_id: clientId,
        redirect_uri: redirectUri,
        response_type: 'token'
      },
      headers: {
        cookie: cookie
      }
    }, true)
  ]);
}).spread(function(cookie, resp) {
  if (resp.statusCode === 302) {
    console.log('Application previously authorized.');
    return resp;
  }

  if (resp.statusCode >= 400) {
    throw new Error('Invalid client information.');
  }

  console.log('Authorizing application...');

  if (resp.data) {
    var $ = Cheerio.load(resp.data);
    var transactionId = $('input[type=hidden][name=transaction_id]').val();

    return yarp({
      method: 'POST',
      url: authOrigin + '/oauth/authorization',
      json: {
        transaction_id: transactionId
      },
      headers: {
        cookie: [
          cookie, // user session cookie
          extractCookie(resp.headers) // oauth session cookie
        ].join('; ')
      }
    }, true);
  }

  return resp;
}).then(function(resp) {
  var params = Qs.parse(Url.parse(resp.headers.location).hash.substr(1));
  console.log('Application authorized successfully');
  console.log('\nOAuth Bearer token ==> ', params.access_token);
  console.log('\nTo use Bearer token:');
  console.log('\ncurl -H "Authorization: Bearer ' + params.access_token + '" https://platform.vin.li/api/v1/devices\n');
}).catch(function(e) {
  console.log(e.stack);
});

package.json

{
  "name": "vinli-oauth-gen",
  "version": "1.0.0",
  "description": "",
  "main": "gen-oauth.js",
  "scripts": {
    "test": "echo \"Error: no test specified\" && exit 1"
  },
  "author": "Powell Kinney <[email protected]>",
  "license": "ISC",
  "dependencies": {
    "bluebird": "^2.10.1",
    "cheerio": "^0.19.0",
    "prompt": "^0.2.14",
    "yarp": "^0.4.4"
  }
}