vendredi 27 février 2015

Nodejs express integration authentification local and facebook

I actually develop a restfull server using NodeJS and express. I've already implemented oauth2 protocol in order to secure my API. I want to add Facebook authentication but I don't manage to integrate the facebook authentification with my local authentication.


server.js 



    router.route('/oauth/local')
        .post(oauth2Controller.token); 

    router.route('/oauth/facebook')
         .get(passport.authenticate('facebook-token'), oauth2Controller.token); 
  //impossible to call oauth2Controller.token


oauth2.js 



var oauth2orize = require('oauth2orize')
var User = require('../models/user');
var AccessToken = require('../models/accesstoken');
var RefreshToken = require('../models/refreshtoken');
var passport = require('passport');

var server = oauth2orize.createServer();

server.exchange(oauth2orize.exchange.password(function(application, username, password, scope, callback){
    User.findOne({username: username}, function(err, user){
    if (err)
        return (callback(err));
    if (!user)
        return (callback(null, false));
    user.verifyPassword(password, function(err, isMatch){
        if (err)
        return (callback(err));
        if (!isMatch)
        return (callback(null, false));

        var accessToken = new AccessToken({
        user: user.username,
        application: application.oauth_id,
        scope: '*' 
        });
        accessToken.save(function(err){
        if (err)
            return (callback(err));
        });

        var refreshToken = new RefreshToken({
        user: user.username,
        application: application.oauth_id
        });
        refreshToken.save(function(err){
        if (err)
            return (callback(err));
        });
        callback(null, accessToken.value, refreshToken.value);
    });
    })
}));

server.exchange(oauth2orize.exchange.refreshToken(function(application, refreshToken, scope, callback){
    RefreshToken.findOne({value: refreshToken}, function(err, token){
    if (err)
        return (callback(err));
    if (!token)
        return (callback(null, false));

    var accessToken = new AccessToken({
        user: token.user,
        application: application.oauth_id,
        scope: '*' 
    });

    accessToken.save(function(err){
        if (err)
        return (callback(err));
    });
    callback(null, accessToken.value, refreshToken.value);
    });
}));

exports.token = [
    passport.authenticate(['clientBasic'], {session: false}),
    server.token(),
    server.errorHandler()
];


auth.js 



passport.use(new FacebookTokenStrategy({
    clientID: ID_CLIENT_FACEBOOK,
    clientSecret: SECRET_CLIENT_FACEBOOK
},
function(accessToken, refreshToken, profile, done) {

    //Do something here
    done(null, profile);
}));


The local authentication and facebook authentication work fine. But after be authenticated with facebook, I don't manage to give the needed informations to oauth.token in order to obtain tokens for my API.


Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)