This example shows a provider which grants tokens in exchange for codes for
git clone https://github.com/gerges-beshay/oauth2orize-examples.git
pushd oauth2orize-examples
npm install
node app.js
Visit http://localhost:3000/login to see the server running locally.
.vercelignore
file in the root of the package (where package.json is located) with the following contents:
node_modules
.eslintrc
LICENSE.md
README.md
vercel.json
file in the root of the package with the following contents:
{
"version": 2,
"builds": [
{
"src": "app.js",
"use": "@now/node-server"
}
],
"routes": [
{
"src": "/(.*)",
"dest": "app.js"
}
]
}
vercel
in the terminal/console. (If the command is not recognized, you might have to restart your computer.)Interacting with this provider directly doesn't showcase it's oauth2 functionality.
/
takes you to a blank page... not too interesting/login
will ask you for credentials.
/account
will allow you to see your user detailsIn order to demo what this is actually accomplishing you'll need to run a consumer.
See https://github.com/coolaj86/example-oauth2orize-consumer
Below is a mapping of the API in the context of a passport-strategy
/dialog/authorize
is the authorizationURL
./oauth/token
is the tokenURL
/api/userinfo
is a protected resource that requires user permission/api/clientinfo
is a protected resource that requires a token generated from the client's id and secretscope
is not demonstrated in this example.The standalone usable resources are
GET /
nothingGET /login
lets you login, presented by /dialog/authorize
if you haven't logged inPOST /login
processes the loginGET /logout
lets you logoutGET /account
lets your view your user infoAnd then some internal resources that are of no concern for standalone users or consumers
POST /dialog/authorize/decision
, processes the allow / deny