node.js 上的 OAuth 问题 [英] Problems with OAuth on node.js

问题描述

我正在尝试让 OAuth 在 node.js 上工作.我在 node-oauth 的文档中找到了这个:

I am trying to get OAuth to work on node.js. I found this in the documentation of node-oauth:

var OAuth= require('oauth').OAuth;
var oa = new OAuth(requestUrl,accessUrl,consumerKey,consumerSecret,"1.0A",responseUrl,"HMAC-SHA1");

官方教程中的下一步说:

然后按照正常渠道获取有效的访问令牌 + 访问令牌秘密"

"Then get hold of a valid access token + access token secret as per the normal channels"

这些正常渠道"是什么?

我知道用户必须以某种方式在供应商"站点上进行身份验证，并且以某种方式调用响应 url，但我找不到如何实现这一点的描述.有人能指教我吗?

I know that the user has to authenticate somehow on the "vendor" site and that by some way a response url is called, but I can't find a description how to implement this. Can someone enlighten me?

推荐答案

我不确定您要连接到哪个 OAuth 服务，因此我仅以 twitter 为例.创建 OAuth 对象后，您需要先请求一个 oauth 令牌.当您获得该令牌时，您需要重定向到 Twitter 的身份验证页面，该页面会提示他们登录，然后询问该应用是否可以登录.

I'm not sure what OAuth service you are trying to connect to so I'll just use twitter as an example. After you create your OAuth object you need to first request an oauth token. When you get that token, then you need to redirect to, for twitter, their authenticate page which either prompts them to login, then asks if it's ok for the app to login.

oa.getOAuthRequestToken(function(error, oauth_token, oauth_token_secret, results){
  if (error) new Error(error.data)
  else {
    req.session.oauth.token = oauth_token
    req.session.oauth.token_secret = oauth_token_secret
    res.redirect('https://twitter.com/oauth/authenticate?oauth_token='+oauth_token)
   }
});

当您第一次创建 OAuth 对象时，您设置了一个 responseURL 或回调 URL.它可以是任何东西，对于我的应用程序，它只是/oauth/callback.在该回调中，您会收到 oauth 验证器令牌.然后，您可以使用 oauth 请求令牌和 oauth 验证器令牌来请求访问令牌.当您收到访问令牌时，您还将收到他们传递的任何其他信息，例如他们的用户名.

When you first created the OAuth object, you set a responseURL, or the callback url. It can be anything, for my app its just /oauth/callback. In that callback you receive the oauth verifier token. You then use both the oauth request token and oauth verifier token to request the access tokens. When you receive the access tokens you will also receive anything else they pass, like their username.

app.get('/oauth/callback', function(req, res, next){
  if (req.session.oauth) {
    req.session.oauth.verifier = req.query.oauth_verifier
    var oauth = req.session.oauth

    oa.getOAuthAccessToken(oauth.token,oauth.token_secret,oauth.verifier, 
      function(error, oauth_access_token, oauth_access_token_secret, results){
        if (error) new Error(error)
        console.log(results.screen_name)
    }
  );
} else
  next(new Error('No OAuth information stored in the session. How did you get here?'))
});

希望这有帮助！当我开始做这件事时，我遇到了同样的问题.

Hope this helps! I had the same problems when I started on this.

这篇关于node.js 上的 OAuth 问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！