
Move off of sessions. Node v0.8.

Encode state in a cookie. Roll a new version, v0.0.2.
commit 698659effefefc7d34bf342d592b3fc1d3bd5ea1 1 parent 54142f9
Simon Murtha Smith authored

Showing 3 changed files with 40 additions and 32 deletions. Show diff stats Hide diff stats

  1. +10 5 example/test.js
  2. +24 24 lib/fitbit_client.js
  3. +6 3 package.json
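--- a/example/test.js
+++ b/example/test.js
@@ -1,10 +1,10 @@
 var express = require('express'),
 connect = require('connect'),
 app = express.createServer(connect.bodyParser(),
- connect.cookieParser('session'),
- connect.session());
+ connect.cookieParser('sess'));
+
 var fs = require('fs');
-var fitbitClient = require('../')('yourConsumerKey', 'yourConsumerSecret');
+var fitbitClient = require('../')(process.argv[2], process.argv[3]);
 
 var token;
 app.get('/', function (req, res) {
@@ -24,8 +24,13 @@ app.get('/getStuff', function (req, res) {
 res.writeHead(200, 'application/json');
 res.end(JSON.stringify(resp));
 });
-
+
 });
 
+app.get('/cookie', function(req, res) {
+ res.send('wahoo!');
+});
+
+
 app.listen(8553);
-console.log('listening at http://localhost:8553/');
+console.log('listening at http://localhost:8553/');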
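Review bot: The client is constructed with only two arguments, `require('../')(process.argv[2], process.argv[3])`, while the same commit makes lib/fitbit_client.js pass the factory's `callbackURI` as `oauth_callback`, so the example now requests a token with an undefined callback; a third argument (for instance `process.argv[4]`) is needed. Taking the consumer secret from argv also leaves it visible in process listings and shell history, so reading it from the environment would be the safer habit to show in an example. A presence check on these values before calling the factory would turn a missing argument into a clear usage error instead of a failed OAuth request.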
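--- a/lib/fitbit_client.js
+++ b/lib/fitbit_client.js
@@ -7,19 +7,21 @@
 var url = require("url"),
 http = require('http'),
 OAuth = require('oauth').OAuth,
- querystring = require("querystring");
+ querystring = require("querystring"),
+ Serializer = require('serializer');
 
 var baseURI = 'http://api.fitbit.com/1';
 
 module.exports = function (api_key, api_secret, callbackURI) {
- var client = {version: '0.0.0'};
+ var client = {version: '0.0.2'};
+ var serializer = Serializer.createSecureSerializer(api_key, api_secret);
 
 var oAuth = new OAuth('http://api.fitbit.com/oauth/request_token',
 'http://api.fitbit.com/oauth/access_token',
 api_key, api_secret, '1.0', callbackURI,
 'HMAC-SHA1', null,
 {'Accept': '*/*', 'Connection': 'close', 'User-Agent': 'fitbit-js ' + client.version});
-
+
 
 function requestCallback(callback) {
 return function (err, data, response) {
@@ -55,33 +57,31 @@ module.exports = function (api_key, api_secret, callbackURI) {
 }
 
 client.getAccessToken = function (req, res, callback) {
- var parsedUrl = url.parse(req.url, true),
- callbackUrl = (req.socket.encrypted ? 'https' : 'http') + '://' + req.headers.host + parsedUrl.pathname,
- has_token = parsedUrl.query && parsedUrl.query.oauth_token,
- has_secret = req.session.auth && req.session.auth.fitbit_oauth_token_secret;
+ var sess;
+ if(req.cookies && req.cookies["fitbit_client"]) {
+ try { sess = serializer.parse(req.cookies["fitbit_client"]) }catch(E){ }
+ }
+ var qs = url.parse(req.url, true).query;
+
+ var has_token = qs && qs.oauth_token,
+ has_secret = sess && sess.token_secret;
 
 if(has_token && has_secret) { // Access token
- oAuth.getOAuthAccessToken(parsedUrl.query.oauth_token,
- req.session.auth.fitbit_oauth_token_secret,
- parsedUrl.query.oauth_verifier,
+ oAuth.getOAuthAccessToken(qs.oauth_token,
+ sess.tokenSecret,
+ qs.oauth_verifier,
 function (error, oauth_token, oauth_token_secret, additionalParameters) {
- if (error)
- callback(error, null);
- else
- callback(null, {oauth_token: oauth_token, oauth_token_secret: oauth_token_secret});
+ if (error) return callback(error, null);
+ callback(null, {oauth_token: oauth_token, oauth_token_secret: oauth_token_secret});
 });
 } else { // Request token
- oAuth.getOAuthRequestToken({oauth_callback: callbackUrl},
+ oAuth.getOAuthRequestToken({oauth_callback: callbackURI},
 function (error, oauth_token, oauth_token_secret, oauth_authorize_url, additionalParameters) {
- if(!error) {
- req.session.fitbit_redirect_url = req.url;
- req.session.auth = req.session.auth || {};
- req.session.auth.fitbit_oauth_token_secret = oauth_token_secret;
- req.session.auth.fitbit_oauth_token = oauth_token;
- res.redirect("http://www.fitbit.com/oauth/authorize?oauth_token=" + oauth_token);
- } else {
- callback(error, null);
- }
+ if (error) return callback(error, null);
+ res.cookie('fitbit_client',
+ serializer.stringify({token_secret:oauth_token_secret}),
+ { path: '/', httpOnly: false }); // stash the secret
+ res.redirect("http://www.fitbit.com/oauth/authorize?oauth_token=" + oauth_token);
 });
 }
 };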
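Review bot: In `client.getAccessToken` the access-token branch passes `sess.tokenSecret` to `oAuth.getOAuthAccessToken`, but the cookie is written as `{token_secret:oauth_token_secret}` and `has_secret` tests `sess.token_secret`, so the exchange is signed with `undefined`; the argument should be `sess.token_secret,`. The cookie holding the request-token secret is set with `httpOnly: false` and no `secure` flag, which leaves it readable by page script and sent over plain HTTP; `{ path: '/', httpOnly: true }` is the safer default, with `secure: true` added where the app is served over TLS. The serializer is created with `api_key` as its first argument; if that argument is the encryption key (worth confirming against the serializer package), confidentiality of the stashed secret rests on the OAuth consumer key, which is sent with every request and is not a secret, so a dedicated key would be better. The empty `catch(E){ }` around `serializer.parse` should carry a comment such as `// invalid or tampered cookie: fall through to the request-token flow` so the silent fallback reads as deliberate.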
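--- a/package.json
+++ b/package.json
@@ -1,12 +1,15 @@
 {
 "name": "fitbit-js",
 "description": "Simple FitBit API client",
- "version": "0.0.1",
+ "version": "0.0.2",
 "author": "Simon Murtha-Smith <simon@murtha-smith.com>",
 "keywords": ["fitbit"],
 "main" : "lib/fitbit_client.js",
 "directories" : { "lib" : "./lib" },
- "dependencies": { "oauth": ">= 0.8.2" },
+ "dependencies": {
+ "oauth": ">= 0.8.2",
+ "serializer": ">=0.0.2 <0.1.0"
+ },
 "repository" : {"type": "git" , "url": "http://github.com/smurthas/fitbit-js.git" },
- "engines": { "node": ">=0.2.0 <0.7.0" }
+ "engines": { "node": ">=0.8.0 <0.9.0" }
 }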
