Add jwt example

examples/jwt/README.md

@@ -0,0 +1,40 @@
+
+# JWT Example
+
+## Install
+
+```bash
+$ cd examples/jwt
+$ npm install
+```
+
+## OAuth Application
+
+Create OAuth application for Facebook, set the application domain to be `dummy.com`
+
+In your `hosts` file add this line `127.0.0.1 dummy.com`
+
+
+## Configure
+
+Edit the `config.json` file with your own OAuth application credentials
+
+
+## Create self-signed certificates
+
+```bash
+# generate private key
+openssl genrsa 2048 > private.pem
+# generate the self signed certificate
+openssl req -x509 -new -key private.pem -out public.pem
+```
+
+## Run the App
+
+```bash
+$ node app.js
+```
+
+## Start the Flow
+
+To start the OAuth flow for Facebook navigate to `http://dummy.com:3000/connect/facebook` in your browser

examples/jwt/app.js

@@ -0,0 +1,50 @@
+
+var express = require('express')
+var logger = require('morgan')
+var session = require('express-session')
+var Purest = require('purest')
+var jwt = require('./jwt')
+
+var Grant = require('grant-express')
+var grant = new Grant(require('./config.json'))
+
+var app = express()
+app.use(logger('dev'))
+// REQUIRED:
+app.use(session({
+  name: 'grant',
+  secret: 'very secret',
+  saveUninitialized: false,
+  resave: false
+}))
+// mount grant
+app.use(grant)
+
+app.get('/handle_facebook_callback', function (req, res) {
+  if (req.query.error) {
+    console.log(req.query.error)
+    res.end(JSON.stringify(req.query.error))
+  }
+  else {
+    console.log(req.session.grant.response)
+    // get the user's profile
+    var facebook = new Purest({provider: 'facebook'})
+    facebook.query()
+      .get('me')
+      .auth(req.session.grant.response.access_token)
+      .request(function (err, _res, body) {
+        // remove the session data
+        req.session.destroy(function () {
+          // remove the cookie
+          res.clearCookie('grant')
+          // generate JWT - encode the user's Facebook id and name in it
+          var token = jwt.sign({id: body.id, name: body.name})
+          res.end(JSON.stringify({jwt: token}, null, 2))
+        })
+      })
+  }
+})
+
+app.listen(3000, function () {
+  console.log('Express server listening on port ' + 3000)
+})

examples/jwt/config.json

@@ -0,0 +1,17 @@
+{
+  "server": {
+    "protocol": "http",
+    "host": "dummy.com:3000",
+    "transport": "session",
+    "state": true
+  },
+  "facebook": {
+    "key": "[APP_ID]",
+    "secret": "[APP_SECRET]",
+    "callback": "/handle_facebook_callback",
+    "scope": [
+      "user_groups",
+      "user_likes"
+    ]
+  }
+}

examples/jwt/jwt.js

@@ -0,0 +1,39 @@
+
+var fs = require('fs')
+var path = require('path')
+var jws = require('jws')
+var key = {
+  public: fs.readFileSync(path.resolve(__dirname, './public.pem'), 'utf8'),
+  private: fs.readFileSync(path.resolve(__dirname, './private.pem'), 'utf8')
+}
+
+
+exports.sign = function (user) {
+  var epoch = Math.floor(new Date().getTime() / 1000)
+
+  var options = {
+    header: {
+      alg: 'RS256',
+      typ: 'JWT'
+    },
+    payload: {
+      // issuer
+      iss: 'Grant',
+      // expiration
+      exp: epoch + (3600 * 24 * 365), // 1 year
+      // subject
+      sub: JSON.stringify(user),
+      // audience
+      aud: 'Grant',
+      // issued at
+      iat: epoch
+    },
+    secret: key.private
+  }
+
+  return jws.sign(options)
+}
+
+exports.verify = function (signature) {
+  return jws.verify(signature, 'RS256', key.public)
+}

examples/jwt/package.json

@@ -0,0 +1,23 @@
+{
+  "name": "grant-jwt-example",
+  "version": "0.0.0",
+  "description": "JWT Example",
+  "private": true,
+  "keywords": [],
+  "license": "MIT",
+  "homepage": "https://github.com/simov/grant",
+  "author": "Simeon Velichkov <simeonvelichkov@gmail.com> (http://simov.github.io)",
+  "repository": {
+    "type": "git",
+    "url": "git://github.com/simov/grant.git"
+  },
+  "dependencies": {
+    "express": "4.4.4",
+    "express-session": "1.5.1",
+    "grant-express": "*",
+    "jws": "^3.1.3",
+    "morgan": "1.1.1",
+    "purest": "^2.0.1"
+  },
+  "main": "app.js"
+}