rafinskipg · October 7, 2020 07:08
diff --git a/server.js b/server.js

 // This is the start of the flow, the CLIENT app redirects to this page
 app.get('/api/auth/webex', (req, res) => {
  // The webex_client_id is an environment variable extracted from the Create integration https://developer.webex.com/docs/integrations
  // The scopes and redirect uri are also defined when creating the integration
  // Remind to put there your domain url ex: myapp.com or localhost for development
  // You will need to change also all the scopes query parameters of this url (you will get them from the "create integration process")
  const authUrl = `https://webexapis.com/v1/authorize?client_id=${process.env.WEBEX_CLIENT_ID}&response_type=code&redirect_uri=${encodeURIComponent(process.env.BASE_URL)}%2Fapi%2Fauth%2Fwebex%2Fcallback&scope=meeting%3Arecordings_read%20spark%3Aall%20spark%3Akms%20meeting%3Aschedules_read%20meeting%3Apreferences_write%20meeting%3Arecordings_write%20meeting%3Apreferences_read%20meeting%3Aschedules_write&state=set_state_here`
    // We do a redirect to the webex oauth URL, this redirect will be done using your framework
    // maybe in express you dont use writehead (or maybe yes)
    res.writeHead(302, { Location: authUrl })
    return res.end()
 })


 // This is the redirect uri, you will set this on the "create integration" process for ex: localhost:3000/api/auth/webex/callback or myapp.com/api/auth/webex/callback
 app.get('/api/auth/webex/callback', async (req, res) => {
  const code = req.query.code
  // Fetch an access token for the current user
  fetch(`https://webexapis.com/v1/access_token?grant_type=authorization_code&client_id=${process.env.WEBEX_CLIENT_ID}&client_secret=${process.env.WEBEX_CLIENT_SECRET}&code=${code}&redirect_uri=${process.env.BASE_URL}/api/auth/webex/callback`, {
    headers: {
      'Content-Type': 'application/x-www-form-urlencoded'
    },
    method: 'POST'
  })
  .then(async resp => {
    // User access tokens and refresh token, you want to store this in the database 
    const { access_token, refresh_token } = resp

    return fetch('https://webexapis.com/v1/people/me?callingData=true', {
      headers: {
        'Content-Type': 'application/json',
        'Authorization': 'Bearer ' + access_token
      }
    })
      .then(profile => {
        // User profile
        console.log('resp', access_token, profile)


        // Here you will need to do the following:
        // find a user with this profile.id in the database, if you already have a user that did an oauth before, just log in that user into the system
        // (you do the login like the rest of your application authorization, either cookies or tokens...)
        // if you don't find any user with that profile.id you can search for the email of the profile
        // if you find a user with that email, you update that user to store the access token , the profile.id and you log in the user
        // if you dont find a user with that email, you create a new user in the database and login that user
        // If error redirect to login page

      })
  })
  .catch(err => {
    res.status(500).json({
      error: err.message
    })
  })
 })

	// This is the start of the flow, the CLIENT app redirects to this page
	app.get('/api/auth/webex', (req, res) => {
	// The webex_client_id is an environment variable extracted from the Create integration https://developer.webex.com/docs/integrations
	// The scopes and redirect uri are also defined when creating the integration
	// Remind to put there your domain url ex: myapp.com or localhost for development
	// You will need to change also all the scopes query parameters of this url (you will get them from the "create integration process")
	const authUrl = `https://webexapis.com/v1/authorize?client_id=${process.env.WEBEX_CLIENT_ID}&response_type=code&redirect_uri=${encodeURIComponent(process.env.BASE_URL)}%2Fapi%2Fauth%2Fwebex%2Fcallback&scope=meeting%3Arecordings_read%20spark%3Aall%20spark%3Akms%20meeting%3Aschedules_read%20meeting%3Apreferences_write%20meeting%3Arecordings_write%20meeting%3Apreferences_read%20meeting%3Aschedules_write&state=set_state_here`
	// We do a redirect to the webex oauth URL, this redirect will be done using your framework
	// maybe in express you dont use writehead (or maybe yes)
	res.writeHead(302, { Location: authUrl })
	return res.end()
	})


	// This is the redirect uri, you will set this on the "create integration" process for ex: localhost:3000/api/auth/webex/callback or myapp.com/api/auth/webex/callback
	app.get('/api/auth/webex/callback', async (req, res) => {
	const code = req.query.code
	// Fetch an access token for the current user
	fetch(`https://webexapis.com/v1/access_token?grant_type=authorization_code&client_id=${process.env.WEBEX_CLIENT_ID}&client_secret=${process.env.WEBEX_CLIENT_SECRET}&code=${code}&redirect_uri=${process.env.BASE_URL}/api/auth/webex/callback`, {
	headers: {
	'Content-Type': 'application/x-www-form-urlencoded'
	},
	method: 'POST'
	})
	.then(async resp => {
	// User access tokens and refresh token, you want to store this in the database
	const { access_token, refresh_token } = resp

	return fetch('https://webexapis.com/v1/people/me?callingData=true', {
	headers: {
	'Content-Type': 'application/json',
	'Authorization': 'Bearer ' + access_token
	}
	})
	.then(profile => {
	// User profile
	console.log('resp', access_token, profile)


	// Here you will need to do the following:
	// find a user with this profile.id in the database, if you already have a user that did an oauth before, just log in that user into the system
	// (you do the login like the rest of your application authorization, either cookies or tokens...)
	// if you don't find any user with that profile.id you can search for the email of the profile
	// if you find a user with that email, you update that user to store the access token , the profile.id and you log in the user
	// if you dont find a user with that email, you create a new user in the database and login that user
	// If error redirect to login page

	})
	})
	.catch(err => {
	res.status(500).json({
	error: err.message
	})
	})
	})