Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
OAuth Modules for Node.js - Supporting RSA, HMAC, PLAINTEXT, 2,3-Legged, 1.0a, Echo, XAuth, and 2.0
branch: master

This branch is 87 commits behind Mashape:master

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
lib
tests
.gitignore
FLOWS.md
LICENSE
Makefile
README.md
index.js
package.json

README.md

Mashape OAuth

OAuth Modules for Node.js - Supporting RSA, HMAC, PLAINTEXT, 2,3-Legged, 1.0a, Echo, XAuth, and 2.0

Installation

npm install mashape-oauth

Usage

Require the library and the one you wish to use.

  1. OAuth
    1. getOAuthRequestToken
    2. getOAuthAccessToken
    3. getXAuthAccessToken
    4. Request Methods
  2. OAuth2

Using OAuth (1.x, XAuth, Echo):

var OAuth = require('mashape-oauth').OAuth;
var oa = new OAuth({ /* … options … */ }, callback);
  • options {Object} OAuth Request Options
    • echo {Object} Optional; If it exists we treat the request as an echo request. See Twitter.
    • echo.verifyCredentials {String} What is the credentials URI to delegate against?
    • realm {String} Optional; Access Authentication Framework Realm Value, Commonly used in Echo Requests, allowed in all however: Section 3.5.1
    • requestUrl {String} Request Token URL, Section 6.1
    • accessUrl {String} Access Token URL, Section 6.2
    • callback {String} URL the Service Provider will use to redirect User back to Consumer after obtaining User Authorization has been completed. Section 6.2.1
    • consumerKey {String} The Consumer Key
    • consumerSecret {String} The Consumer Secret
    • version {String} Optional; By spec this is 1.0 by default. Section 6.3.1
    • signatureMethod {String} Type of signature to generate, must be one of:
      • PLAINTEXT
      • RSA-SHA1
      • HMAC-SHA1
    • nonceLength {Number} Optional; Length of nonce string. Default 32
    • headers {Object} Optional; Headers to be sent along with request, by default these are already set.
    • clientOptions {Object} Optional; Contains requestTokenHttpMethod and accessTokenHttpMethod value.
    • parameterSeperator {String} Optional; Seperator for OAuth header parameters, default is ,
  • callback {String} Optional; callback uri, over-rides options callback.

getOAuthRequestToken() - Creating Request Token Call

oa.getOAuthRequestToken({ /* … parameters … */ }, callback);
  • parameters {Object} Optional; Additional Headers you might want to pass along.
    • If omitted, you can treat parameters argument as callback and pass along a function as a single parameter.
  • callback {Function} Anonymous Function to be invoked upon response or failure.
Example
oa.getOAuthRequestToken(function (error, oauth_token, oauth_token_secret, results) {
  if (error) 
    return res.send('Error getting OAuth Request Token: ' + error, 500);
  else
    // Usually a redirect happens here to the /oauth/authorize stage
    return res.send('Successfully Obtained Token & Secret: ' + oauth_token + ' & ' + oauth_token_secret, 200);
});

getOAuthAccessToken() - Creating OAuth Access Token Call

oa.getOAuthAccessToken(options, callback);
  • options {Object}
    • oauth_verifier {String} Verification code tied to the Request Token. Section 2.3
    • oauth_token {String} Request Token
    • oauth_token_secret {String} Request Token Secret, used to help generation of signatures.
    • parameters {Object} Optional; Additional headers to be sent along with request.
    • callback {Function} Optional; Method to be invoked upon result, over-ridden by argument if set.
  • callback {Function} Method to be invoked upon result, over-rides options callback.
Example
oa.getOAuthAccessToken({
  oauth_verifier: 'ssid39b',
  oauth_token: 'request_key',
  oauth_secret: 'request_secret'
}, function (error, token, secret, result) {
  if (error) 
    return res.send('Error getting XAuth Access Token: ' + error, 500);
  else
    // Usually you want to store the token and secret in a session and make your requests after this
    return res.send('Successfully Obtained Token & Secret: ' + oauth_token + ' & ' + oauth_token_secret, 200);
});

getXAuthAccessToken() - Creating XAuth Access Token Call

oa.getXAuthAccessToken(username, password, callback);
  • username {String} XAuth Username credentials of User obtaining a token on behalf of
  • password {String} XAuth Password credentials of User obtaining a token on behalf of
  • callback {Function} Anonymous Function to be invoked upon response or failure.
Example
oa.getXAuthAccessToken('nijikokun', 'abc123', function (error, oauth_token, oauth_token_secret, results) {
  if (error) 
    return res.send('Error getting XAuth Access Token: ' + error, 500);
  else
    // Usually you want to store the token and secret in a session and make your requests after this
    return res.send('Successfully Obtained Token & Secret: ' + oauth_token + ' & ' + oauth_token_secret, 200);
});

Request Methods

oa.post(options, callback);
oa.get(options, callback);
oa.delete(options, callback);
oa.patch(options, callback);
oa.put(options, callback);

// Alternatively, you can use the old node-oauth style: (Where method is one of five above.)
oa.method(url, oauth_token, oauth_token_secret, body, type, parameters, callback);
  • options {Object} Contains Request Information
    • url {String} URL to be requested upon
    • oauth_token {String} Optional; Dependant upon request step, could be access, or request token.
    • oauth_token_secret {String} Optional; Dependant upon request step
    • body {String} Optional; Body information to be sent along with request.
    • type {String} Optional; Content Request Type
    • parameters {Object} Optional; Additional headers you wish to pass along with your request.
    • callback {Function} Optional; Method to be invoked upon result, over-ridden by argument if set.
  • callback {Function} Method to be invoked upon result, over-rides options callback.

Using OAuth2:

var OAuth2 = require('mashape-oauth').OAuth2;
var oa = new OAuth2({ /* … options … */ }, callback);
  • options {Object} OAuth Request Options
    • clientId {String} Client Identifier
    • clientSecret {String} Client Secret
    • baseUrl {String} Base url of OAuth request
    • authorizationUrl {String} Optional; Authorization endpoint, default is /oauth/authorize
    • authorizationMethod {String} Optional; Authorization Header Method, default is Bearer
    • accessTokenUrl {String} Optional; Access Token Endpoint, default is /oauth/access_token
    • accessTokenName {String} Optional; Access Token Parameter Name, default is access_token
    • headers {Object} Optional; Custom headers we wish to pass along

Something went wrong with that request. Please try again.