grant is built on top of mashape / guardian
Providers Playground
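```js
var express = require('express');
// assumed: the Express 4 middleware packages behind cookieParser() and session()
var cookieParser = require('cookie-parser');
var session = require('express-session');
var Grant = require('grant');

var grant = new Grant({/* ...configuration see below... */});

var app = express();
// mount grant
app.use(grant);
// app server middlewares
app.use(cookieParser());
// express-session needs a secret; replace the placeholder with your own
app.use(session({secret: '...'}));
```

Reserved routes for Grant:

```
/connect/:provider/:override?
/step/:number
/connect/:provider/callback
```

```js
{
  "server": {
    "protocol": "http",
    "host": "localhost:3000",
    "callback": "/callback"
  },
  "provider1": {
    "key": "...",
    "secret": "...",
    "scope": ["scope1", "scope2", ...],
    "state": "some state",
    "callback": "/provider1/callback"
  },
  "provider2": {...},
  ...
}
```

- server - configuration about your server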
  - protocol - either `http` or `https`
  - host - your server's host name `localhost:3000` | `dummy.com:5000` | `mysite.com` ...
  - callback - common callback for all providers in your config
- provider1 - any supported provider (see the above table) `google` | `facebook` ...
  - key - `consumer_key` or `client_id` of your app
  - secret - `consumer_secret` or `client_secret` of your app
  - scope - OAuth scopes array
  - state - OAuth state string
  - callback - specific callback to use for this provider (overrides the global one specified in the `server` key)
    - These callbacks are used only on your server!
    - These callbacks are not the one you specify for your app!
    - You should always specify the `callback` or `redirect` url of your app like this: `http(s)://mydomain.com/connect/[provider]/callback` where
      - provider is one of the above provider names
      - mydomain.com is your site's domain name
  - protocol | host - additionally you can override these common values inherited from the `server` key
  - custom1 - create sub configuration for that provider

    You can override any of the above keys here

    Example

    ```js
    "facebook": {
      "key": "...",
      "secret": "...",
      // by default request publish permissions via /connect/facebook
      "scope": ["publish_actions", "publish_stream"],
      // set specific callback route on your server for this provider only
      "callback": "/facebook/callback",
      // custom override keys
      "groups": {
        // request only group permissions via /connect/facebook/groups
        "scope": ["user_groups", "friends_groups"]
      },
      "pages": {
        // request only page permissions via /connect/facebook/pages
        "scope": ["manage_pages"],
        // additionally use specific callback route on your server for this override only
        "callback": "/pages/callback"
      }
    }
    ```

Additionally you can make a POST request to the `/connect/[provider]` route to override your provider's options dynamically for each request

```js
// example using request
var request = require('request');

request.post('http://mydomain.com/connect/facebook', {
  form: {scope: ['some', 'other', 'scopes']}
}, function (err, res, body) {});
```

- Register OAuth application on your provider's web site
- For `callback` or `redirect` url you should always use this format `http(s)://mydomain.com/connect/[provider]/callback` where
  - provider is one of the above provider names
  - mydomain.com is your site's domain name
- Set up your common server `callback` under the `server` key of your configuration. This is the final callback when the OAuth flow is complete. Grant will redirect you to it after hitting the `/connect/[provider]/callback` specified for your app, therefore this callback should be something different than the reserved routes for Grant
- Optionally you can override the end callback for each provider individually, take a look at the configuration data structure

- At some point LinkedIn added support for OAuth2, so if you want to use that flow, you should use `linkedin2` for provider name, instead of `linkedin` which is for OAuth1
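
The rule that the final callback must differ from Grant's reserved routes can be checked before deployment, together with the server, provider and custom override layering described in the configuration. The lint below is an added example, not code from Grant or its author: `isReserved`, `resolve`, `lint` and the sample configuration are hypothetical, and it assumes a custom override inherits every key it does not set itself.

```javascript
// Added example, not Grant's own code. Reserved routes as listed on this page;
// a ":param" segment is taken to match any single path segment (assumption).
var RESERVED = [
  /^\/connect\/[^\/]+(\/[^\/]+)?\/?$/, // /connect/:provider/:override? and /connect/:provider/callback
  /^\/step\/[^\/]+\/?$/                // /step/:number
];
var KEYS = ['key', 'secret', 'scope', 'state', 'callback', 'protocol', 'host'];
function isReserved(path) { return RESERVED.some(function (re) { return re.test(path); }); }

// Effective options: server defaults, then provider keys, then a named override.
// Assumption: an override inherits every key it does not set itself.
function resolve(config, provider, override) {
  var layers = [config.server || {}, config[provider] || {}];
  if (override) layers.push(layers[1][override] || {});
  var out = {};
  layers.forEach(function (layer) {
    KEYS.forEach(function (k) { if (layer[k] !== undefined) out[k] = layer[k]; });
  });
  // URL to register with the provider, in the format this page prescribes
  out.redirect = out.protocol + '://' + out.host + '/connect/' + provider + '/callback';
  return out;
}
function lint(config) {
  var problems = [];
  Object.keys(config).filter(function (n) { return n !== 'server'; }).forEach(function (provider) {
    var p = config[provider];
    // Any key outside KEYS that holds a plain object is treated as a custom override
    var overrides = Object.keys(p).filter(function (k) {
      return KEYS.indexOf(k) === -1 && p[k] && typeof p[k] === 'object' && !Array.isArray(p[k]);
    });
    [null].concat(overrides).forEach(function (name) {
      var where = provider + (name ? '/' + name : '');
      var r = resolve(config, provider, name);
      if (!r.callback) problems.push(where + ': no final callback');
      else if (isReserved(r.callback)) problems.push(where + ': final callback is a reserved route');
      // A state in static config repeats on every request (see RFC 6749 section 10.12)
      if (typeof r.state === 'string') problems.push(where + ': fixed state string');
    });
  });
  return problems;
}
// Constructed sample configuration (keys and secrets are placeholders)
var sample = {
  server: {protocol: 'http', host: 'localhost:3000', callback: '/callback'},
  facebook: {key: '...', secret: '...', callback: '/facebook/callback',
    pages: {scope: ['manage_pages'], callback: '/connect/facebook/callback'}},
  google: {key: '...', secret: '...', state: 'some state'}
};
console.log(lint(sample));
```

`resolve(config, provider, override).redirect` is the URL to enter as the `callback` or `redirect` url when registering the app with the provider.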
MIT