REFERENCE DIAGRAM: https://opskins.com/images/oauth-guide-v1.png
const Auth = require('opskins-auth')
const auth = Auth('OPSKINS_API_KEY')
auth
  .createClient({
    name: 'Some Website',
    redirect_uri: 'https://auth.somewebsite.com',
  })
  .then(resp => {
    // do something
  })
  .catch(console.error)
Create a new OAuth client.
Returns OAuth client object and secret.
name
- Name for this client, to be displayed to users when they are prompted to approve access
redirect_uri
- URI to which users are redirected after approving or denying access
can_keep_secret
- Set this to 0 if your client cannot keep a secret and will maintain per-token secrets (see OAuth documentation). Default 1
auth
  .createClient(
    {
      name: 'Some Website',
      redirect_uri: 'https://auth.somewebsite.com',
    },
    true
  )
  .then(({ secret, client }) => {
    // do something...
  })
Delete an OAuth client that you own, and invalidate all of its tokens.
Returns 200 response.
client_id
- Hexadecimal client_id of the client you want to delete
auth.deleteClient('some_client_id')
Get a list of all OAuth clients owned by the authenticated user.
Returns list of OAuth client objects.
auth.getOwnedClientList().then(clients => {
  // do something
})
Reset the secret for a secret-bearing OAuth client that you own. If you use this, a new secret will be generated and the old one will no longer work.
Does not work if the client_id you pass does not keep a secret.
Returns OAuth client object with secret.
client_id
- Hexadecimal client_id of the client whose secret you want to reset
auth.resetClientSecret('some_client_id').then(({ secret, client }) => {
  // do something...
})
Update an OAuth client that you own. At least one of name and redirect_uri is required.
Returns OAuth client object.
client_id
- Hexadecimal client_id of the client you want to update
name
- Name for this client, to be displayed to users when they are prompted to approve access
redirect_uri
- URI to which users are redirected after approving or denying access
auth
  .updateClient('some_client_id', {
    name: 'Some Updated Website',
    redirect_uri: 'https://auth.someupdatedwebsite.com',
  })
  .then(client => {
    // do something...
  })
You can exchange an authorization code from the user authorization flow for a bearer token.
Returns Token object.
code
- the authorization code you received in your return URL
auth.accessToken('some_client_code').then(token => {
  // do something...
})
If you have a refresh token (i.e. you've already authorized the user in the past), you can use it to get a new bearer token.
Returns Token object.
refresh_token
- a refresh token
auth.refreshToken('some_client_token').then(token => {
  // do something...
})
If you did not request permanent access to a user's account, then you don't need to do anything to "sign the user out". Their bearer token will automatically expire. If you requested permanent access and received a refresh token, then when you no longer need access to the user's account, you should revoke the refresh token.
Returns Token object.
token
- a user's token
auth.revokeToken('some_client_token').then(token => {
  // do something...
})
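The refresh and revoke calls above fit together as a server-side token lifecycle: refresh the bearer shortly before `expires_in` runs out, and revoke the refresh token at sign-out. The sketch below is an added example, not code from opskins-auth; the helper names (`sessionFromToken`, `needsRefresh`, `ensureFresh`, `signOut`, `makeFakeAuth`), the 60-second skew and the stand-in `auth` object are assumptions made so it runs offline.

```javascript
// Added example, not part of opskins-auth. `auth` is any object exposing the
// refreshToken() and revokeToken() calls documented above.
const SKEW_SECONDS = 60 // assumption: refresh one minute before expiry

// Build a server-side session record from a Token object (fields as in the
// example Token response: access_token, expires_in, scope, refresh_token).
function sessionFromToken(token, nowSec, previous = {}) {
  return {
    accessToken: token.access_token,
    expiresAt: nowSec + token.expires_in,
    scope: token.scope,
    // Assumption: keep the old refresh token if the response carries none.
    refreshToken: token.refresh_token || previous.refreshToken || null,
  }
}

// True once the bearer token is expired or within the skew window.
function needsRefresh(session, nowSec) {
  return nowSec >= session.expiresAt - SKEW_SECONDS
}

// Return a session with a usable bearer token, refreshing only when needed.
async function ensureFresh(auth, session, nowSec) {
  if (!needsRefresh(session, nowSec)) return session
  if (!session.refreshToken) throw new Error('bearer expired; user must re-authorize')
  const token = await auth.refreshToken(session.refreshToken)
  return sessionFromToken(token, nowSec, session)
}

// Sign-out: revoke the refresh token if one was issued, then drop the session.
async function signOut(auth, session) {
  if (session.refreshToken) await auth.revokeToken(session.refreshToken)
  return null
}

// Constructed stand-in for the library so the example runs without network access.
function makeFakeAuth() {
  const calls = []
  return {
    calls,
    refreshToken: async rt => {
      calls.push(['refresh', rt])
      return { access_token: 'constructed-bearer-2', token_type: 'bearer', expires_in: 1800, scope: 'identity items' }
    },
    revokeToken: async rt => { calls.push(['revoke', rt]); return {} },
  }
}
```

Keep the session record, and the refresh token in particular, on the server and out of logs; only the short-lived bearer token needs to reach code that calls the API.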
List of example responses for reference.
{
  "client_id": "ff371b045307",
  "name": "TestApp2",
  "redirect_uri": "http://localhost:1234",
  "time_created": 1535407757,
  "has_secret": true
}
{
  "access_token": "AQAAAAQAAAAAAAVd4P////9Z3Sdf3C+GZhYgJzVwBLYfjo+n8LIAzj+JaAippILcmeX2e2o=",
  "token_type": "bearer",
  "expires_in": 1800,
  "scope": "identity items",
  "refresh_token": "6EnU6ZvGi5OoBcSpGs2V4PkcgfBgwr1V"
}