grant is built on top of mashape / guardian
Providers Playground
```js
var express = require('express');
// assumed: the standalone cookie-parser and express-session packages
var cookieParser = require('cookie-parser');
var session = require('express-session');
var Grant = require('grant');

var grant = new Grant({/* ...configuration, see below... */});

var app = express();
// mount grant
app.use(grant);
// app server middlewares
app.use(cookieParser());
app.use(session());
```

```
/connect/:provider/:override?
/step/:number
/connect/:provider/callback
```

```js
{
  "server": {
    "protocol": "http",
    "host": "localhost:3000",
    "callback": "/callback"
  },
  "provider1": {
    "key": "...",
    "secret": "...",
    "scope": ["scope1", "scope2", ...],
    "state": "some state",
    "callback": "/provider1/callback"
  },
  "provider2": {...},
  ...
}
```

- server - configuration about your server
  - protocol - either `http` or `https`
  - host - your server's host name `localhost:3000` | `dummy.com:5000` | `mysite.com` ...
  - callback - common callback for all providers in your config
- provider1 - any supported provider (see the above table) `google` | `facebook` ...
  - key - `consumer_key` or `client_id` of your app
  - secret - `consumer_secret` or `client_secret` of your app
  - scope - OAuth scopes array
  - state - OAuth state string
  - callback - specific callback to use for this provider (overrides the global one specified in the `server` key)
    - These callbacks are used only on your server!
    - These callbacks are not the one you specify for your app!
    - You should always specify the `callback` or `redirect` url of your app like this: `http(s)://mydomain.com/connect/[provider]/callback` where
      - provider is one of the above provider names
      - mydomain.com is your site's domain name
  - protocol | host - additionally you can override these common values inherited from the `server` key
  - custom1 - create sub configuration for that provider. You can override any of the above keys here

Example

```js
"facebook": {
  "key": "...",
  "secret": "...",
  // by default request publish permissions via /connect/facebook
  "scope": ["publish_actions", "publish_stream"],
  // set specific callback route on your server for this provider only
  "callback": "/facebook/callback",
  // custom override keys
  "groups": {
    // request only group permissions via /connect/facebook/groups
    "scope": ["user_groups", "friends_groups"]
  },
  "pages": {
    // request only page permissions via /connect/facebook/pages
    "scope": ["manage_pages"],
    // additionally use specific callback route on your server for this override only
    "callback": "/pages/callback"
  }
}
```

Additionally you can make a POST request to the `/connect/:provider/:override?` route to override your provider's options dynamically for each request

```js
// example using request
var request = require('request');

request.post('http://mydomain.com/connect/facebook', {
  form: {scope: ['some', 'other', 'scopes']}
}, function (err, res, body) {});
```

- Register OAuth application on your provider's web site
- For `callback` or `redirect` url you should always use this format `http(s)://mydomain.com/connect/[provider]/callback` where
  - provider is one of the above provider names
  - mydomain.com is your site's domain name
- Under the `server` key of your configuration
  - `host` - set up host to match the one used in your app's redirect url
  - `protocol` - set up protocol to match the one used in your app's redirect url
  - `callback` - set a common callback route to use on your server. This is the final callback when the OAuth flow is complete. Grant will redirect you to it after hitting the `http(s)://mydomain.com/connect/[provider]/callback` specified for your OAuth app. Therefore the `callback` value should be something different than the reserved routes for Grant
- Set any other provider specific configuration options under that provider key name. For example choose some `scope` to request from the user, and set specific `callback` route on your server to handle the response from that provider
- Navigate to the `/connect/:provider/:override?` route to start the OAuth flow. Once the flow is complete, you will be redirected back to the route specified in your `callback` key. You can access the response OAuth data through the ExpressJS's `req.query` key

- To use LinkedIn's OAuth2 flow you should use `linkedin2` for provider name, instead of `linkedin` which is for OAuth1
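
A lint for a configuration object of the shape described above, written as an added example that is not part of Grant or of the original README. It builds the redirect URL to register with each provider and flags callbacks that collide with the reserved routes, a plaintext redirect URL on a non-local host, and a fixed `state` string; the function names, issue labels and sample values are assumptions made for illustration.

```javascript
// Added example, not part of Grant. Reserved route patterns come from this README.
const RESERVED = [
  /^\/connect\/[^/]+(\/[^/]+)?\/?$/, // /connect/:provider/:override? and /connect/:provider/callback
  /^\/step\/[^/]+\/?$/               // /step/:number
];
const OPTION_KEYS = ['key', 'secret', 'scope', 'state', 'callback', 'protocol', 'host'];
const LOCAL_HOSTS = ['localhost', '127.0.0.1'];
const isReserved = (path) => RESERVED.some((re) => re.test(path));

// URL to register with the provider: http(s)://host/connect/[provider]/callback
function redirectUrl(config, provider) {
  const opts = config[provider] || {};
  const protocol = opts.protocol || config.server.protocol;
  const host = opts.host || config.server.host;
  return `${protocol}://${host}/connect/${provider}/callback`;
}

function lintConfig(config) {
  const findings = [];
  const checkOptions = (where, opts) => {
    // The README requires the final callback to differ from Grant's reserved routes.
    if (opts.callback && isReserved(opts.callback)) findings.push({ where, issue: 'reserved-callback' });
    // A constant state is identical for every request, so it cannot bind a callback to one session.
    if (typeof opts.state === 'string') findings.push({ where, issue: 'static-state' });
  };
  checkOptions('server', config.server);
  for (const [name, opts] of Object.entries(config)) {
    if (name === 'server') continue;
    checkOptions(name, opts);
    // The provider redirects the browser here with the OAuth response attached.
    const url = new URL(redirectUrl(config, name));
    if (url.protocol === 'http:' && !LOCAL_HOSTS.includes(url.hostname)) {
      findings.push({ where: name, issue: 'plaintext-redirect' });
    }
    // Any object-valued key that is not a known option is a sub configuration.
    for (const [sub, value] of Object.entries(opts)) {
      const isOverride = !OPTION_KEYS.includes(sub) && value && typeof value === 'object' && !Array.isArray(value);
      if (isOverride) checkOptions(`${name}.${sub}`, value);
    }
  }
  return findings;
}

// Constructed sample configuration (hypothetical values).
const sampleConfig = {
  server: { protocol: 'http', host: 'dummy.com:5000', callback: '/callback' },
  facebook: { key: 'placeholder', secret: 'placeholder', state: 'some state', callback: '/facebook/callback',
    pages: { scope: ['manage_pages'], callback: '/connect/facebook' } }
};
console.log(redirectUrl(sampleConfig, 'facebook'), lintConfig(sampleConfig));
```
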
MIT