/
oauth.js
75 lines (62 loc) · 2.21 KB
/
oauth.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
const express = require('express');
const request = require('superagent');
const router = express.Router();
const shops = require('../repositories/shops');
router.get('/install', function(req, res, next) {
const platform = req.query.platform;
const shop = req.query.shop;
const domain = process.env.BOLD_CHECKOUT_DOMAIN;
const client_id = process.env.CLIENT_ID;
if (!platform || !shop) {
res.status(400).send('Unable to complete request: missing parameters');
}
const scope = [
'provide_shipping_rates',
'add_fee',
'modify_order',
].join(' ');
res.redirect(
`https://${domain}/api/v1/${platform}/${shop}/oauth/authorize?client_id=${client_id}&scope=${scope}&response_type=code`
);
});
router.get('/authorize', function(req, res, next) {
const platform = req.query.platform;
const shop = req.query.shop;
const code = req.query.code;
if (!code || !platform || !shop) {
res.status(400).send('Missing required parameters.');
}
const domain = process.env.BOLD_CHECKOUT_DOMAIN;
const requestData = {
client_id: process.env.CLIENT_ID,
client_secret: process.env.CLIENT_SECRET,
code: code,
grant_type: 'authorization_code',
};
request
.post(`https://${domain}/api/v1/${platform}/${shop}/oauth/access_token`)
.send(requestData)
.set('accept', 'json')
.then(resp => {
const accessToken = resp.body.access_token;
shops.removeAccessToken(shop, platform);
shops.saveAccessToken(shop, platform, accessToken);
// At this point the app is free to redirect the user wherever it wants.
// This example redirects back into the Checkout admin.
res.redirect(
`https://${domain}/admin/${platform}/${shop}/marketplace`
);
})
.catch(err => {
//TODO: report error
res.status(500).end();
});
});
router.post('/uninstalled', function(req, res, next) {
res.status(200);
res.send({});
const platform = req.query.platform;
const shop = req.query.shop;
shops.removeAccessToken(shop, platform);
});
module.exports = router;