当我做Facebook时，如何获得Meteor的凭证秘密？请求客户端的认证？ [英] How can I get the credential secret in Meteor, when I do Facebook.requestCredential on the client?

问题描述

我正在尝试实现一个登录/链接帐户系统，如这个

（向下滚动到显示关联方法）

I'm trying to implement a login/link account system like the one in this question.
(scroll down to where it says "Methods for explicit associations")

您以前可以通过以下方式获取用户的登录数据：

data = Package.facebook.Facebook.retrieveCredential（token）.serviceData

You used to be able to get the user's login data with something like this:
data = Package.facebook.Facebook.retrieveCredential(token).serviceData

现在看起来像这样 retrieveCredential（令牌，秘密）。

这是提交发生的地方。

Now it looks like this retrieveCredential(token, secret).
Here's the commit where that happened.

我的生活中我无法弄清楚如何在我打电话之后在服务器上获取凭证秘密：

I for the life of me can't figure out how to get the credential secret on the server after I call:

Package.facebook.Facebook.requestCredential(
    requestPermissions: Accounts.ui._options.requestPermissions["facebook"]
, (token) ->
    Meteor.call "userAddOauthCredentials", token, Meteor.userId(), service, (err, resp) ->
        if err?
            Meteor.userError.throwError(err.reason)
)

推荐答案

原来你可以这样做（客户端）：

Turns out you can do it like this at the moment (on the client):

service = "facebook"
Package.facebook.Facebook.requestCredential(
    requestPermissions: Accounts.ui._options.requestPermissions["facebook"]
, (token) ->
    secret = Package.oauth.OAuth._retrieveCredentialSecret(token)
    Meteor.call "userAddOauthCredentials", token, secret, service, (err, resp) ->
        if err?
            Meteor.userError.throwError(err.reason)
)

然后在服务器上，您需要秘密访问用户的服务数据。

Then on the server you'll need the secret to access the service data for the user.

userAddOAuthCredentials: (token, secret, service) ->
    services = Meteor.user().services
    serviceSearch = {}
    data = {}
    switch service
        when "facebook"
            if not services.facebook?
                data = Package.facebook.Facebook.retrieveCredential(token, secret)?.serviceData
                services.facebook = data
                serviceSearch = {"services.facebook.id": services.facebook.id}
            else
                throw new Meteor.Error(500, "You already have a linked Facebook account with email #{services.facebook.email}...")
    oldUser = Meteor.users.findOne(serviceSearch)
    if oldUser?
        throw new Meteor.Error(500, "Your #{service} account has already been assigned to another user.")

    Meteor.users.update(@userId, {$set: {services: services}})
    if data.email?
        if not _.contains(Meteor.user().emails, data.email)
            Meteor.users.update(@userId, {$push: {"emails": {address: data.email, verified: true}}})

这些功能将为您提供用户的服务数据，以便您可以链接多个帐户，或做任何你想要的。

Those functions will get you the user's service data so you can link multiple accounts, or do whatever you want with them.

这篇关于当我做Facebook时，如何获得Meteor的凭证秘密？请求客户端的认证？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！