Closed KingFinlayson closed 9 years ago
Hello,
When you perform the following request:
and when the user has allowed the access of the data, a code is sent back to the trusted client (the one running on port 1338 in the example).
Then to get an access token, a post request need to be done (with the client_id / client_secret / redirect_uri / code), exemple in curl:
curl -XPOST -d 'client_id=KXVY0SMNI4&client_secret=Jym2YVFxncHVYcnS6Vn10K1TOq6SFa&grant_type=authorization_code&redirect_uri=http://localhost:1338&code=nv6eeXUm8zGIUVe0' http://localhost:1337/oauth/token
=>
{"access_token":"JzbwaqAr2tChhiBxgnlPx13FOM5SYso4spKxAGNJyVgVD0YAA3jZvqkxLOxuLDnvNIeyfiQdvHAuj9nks9LtIJiRmWsCC6pM9rm59a0NS69E2q0o5iw3IimVJoukUwxtCQtzwzhjtfK29DiREY9tk6yoUxJXY9uaasad5Uvd0CEj8YBNdKFkqLLmpDZN7EqR9bbBL5gKdQZSWtO5Q9m3AfcrifKZy6s1HmeQ9qaC1TmnQ2VbhWnEDYHQhGTyIeAB","refresh_token":"gL18lCftOXYJ7l0AKxwdEMcWfxEa1ZQbs74YudxYG21RULrGGSynrUDKevkdRU5tBrj6L5CT3vIpcOJvIRAoUsWTve9fJcmjGjQ5EAvjkhhebRurkAvwciaIYTYVVaToMZk6BWbWGw6cqdGbXZ95nTBnRkB1brfCMR6bXIm0VqxTp5BR4xULcAgQy7M8nF41ea8ebR6zdEcrpdY7lP89aZLN6yrj12TemP3YRM4gEBhzmi2HJVQgdRxiQbHW2n1C","expires_in":3600,"token_type":"Bearer"}
I’ll definitively update this is a near future so it’s clearer. Thanks a lot for your feedback. Luc
Thanks for your input, I got past that part! Everything went well but I have another question on how to utilize the access token to retrieve data from the api.
I would assume it goes in the header like so: Authorization: Bearer [ACCESS TOKEN]?
Nevermind, I answered my own question. :)
Maybe it's worth mentioning that as well in the README. Thanks!
Hi, sorry I was late to reply :) Glad you got it working. I will update the README
No problemo, but one last question; Is there a way to authorize a client without having to log in or is that a part of the oAuth workflow?
You actually have multiple workflows available and one of them satisfies my question so again, nevermind haha. Great work here, if I have any REAL questions I'll be sure to ask!
Thanks
Hi, I'm glad it could help :) Thanks, and do not hesitate to ask.
On Fri, Jan 9, 2015 at 7:43 PM, BCJFinlayson notifications@github.com wrote:
You actually have multiple workflows available and one of them satisfies my question so again, nevermind haha. Great work here, if I have any REAL questions I'll be sure to ask!
Thanks
— Reply to this email directly or view it on GitHub https://github.com/lucj/sails-oauth2-api/issues/3#issuecomment-69378550.
Hey,
I'm just getting up to speed with node.js and sails in particular so I'm not too fond of how things should function. I've pulled down this codebase and running it locally, but I'm not sure how to test "oauth/authorize" in the browser. When I try to hit this url, after successful login, I get an error of untrusted client.
How do I leverage the trusted client inside the example folder in order to properly retrieve an access token?
Any insight would be great!
Thanks