Saurabh Gour

Reputation: 753

Can we get access token from authorization code in passport js

I have a client which sends me the authorization code obtained from an OAuth2 authorization endpoint. I can create a request from my Node.js back-end code to get the tokens from the token endpoint using this authorization code. However, I think that passport js should already have logic for this, since it can return the tokens in the verify callback function (provided the entire authorization flow is done by passport). I would like to know if there is a function in passport js that accepts the authorization code and returns the tokens. I could not find this in the docs. I also tried to debug the passport js code, but with no success :(

Upvotes: 1

Views: 11003

Answers (1)

javierfdezg

Reputation: 2107

If you have a look at passport oauth2 strategy, what you're describing here:

> I would like to know if there is a function in passport js that accepts the Authorization code and returns the tokens

is handled by passport. Given the example in the link 1, you should have this configuration for the strategy:

passport.use(new OAuth2Strategy({
  authorizationURL: 'https://www.example.com/oauth2/authorize',
  tokenURL: 'https://www.example.com/oauth2/token',
  clientID: EXAMPLE_CLIENT_ID,
  clientSecret: EXAMPLE_CLIENT_SECRET,
  callbackURL: "http://localhost:3000/auth/example/callback"
},
function(accessToken, refreshToken, profile, cb) {
  // Do whatever here with the profile
}
));

The callbackURL is the 'function' you're looking for. Let me explain:

The OAuth2 specification (I'm assuming you're using the Authorization Code Grant flow) states that a user is redirected to an Identity Provider (the authorizationURL). The identity provider then prompts the user for her credentials and once authenticated, the identity provider will send the user back to your application along with a code. This code should be handled by a callback method that is linked with the callbackURL endpoint. This is how it is described in their examples:

app.get('/auth/example/callback',
  passport.authenticate('oauth2', { failureRedirect: '/login' }),
  function(req, res) {
    // Successful authentication, redirect home.
    res.redirect('/');
  }); 

The callback defined in the strategy should manage what you're trying to achieve.

If this doesn't suit your needs, you can always go monkey patching :) Here is an example that you can try out:

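'use strict';

var OAuth2 = require('oauth').OAuth2;

// Returns a factory for an OAuth2 client whose getOAuthAccessToken is patched
// to add response_type (when one is given) to the token request parameters.
function getTokenFromCode (code, clientID, clientSecret, authorizationURL, tokenURL, responseType) {
  return () => {
    // baseSite is '' because authorizationURL and tokenURL are absolute URLs
    var oAuth2 = new OAuth2(clientID, clientSecret,
      '', authorizationURL, tokenURL);
    // Keep a reference to the original method before replacing it
    var _getOAuthAccessToken = oAuth2.getOAuthAccessToken;
    oAuth2.getOAuthAccessToken = (code, params, callback) => {
      params = params || {};
      if (responseType) {
        params.response_type = responseType;
      }
      // Delegate to the original method, which POSTs to tokenURL
      _getOAuthAccessToken.call(oAuth2, code, params, callback);
    };
    return oAuth2;
  };
}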

What this code does is the following:

  1. Instantiate an OAuth2 object and initialize it with the needed configuration
  2. Monkey patch the getOAuthAccessToken method with our thingy
  3. In our implementation, we're receiving the code and fetching the access token and refresh token.

You can also provide a callback and execute it instead of returning the OAuth2 object.

Upvotes: 5
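The exchange the question asks about, as an added example that is not part of the answer above and is not passport's or node-oauth's own code: the token request of the Authorization Code Grant (RFC 6749 section 4.1.3) built and checked with Node's built-in `URL`, `URLSearchParams` and `fetch`. The function names and the `cfg` object (which reuses the strategy's `tokenURL`, `callbackURL`, `clientID` and `clientSecret` option names) are assumptions.

```javascript
// Added example; function names and the cfg shape are assumptions, not passport's API.
function buildTokenRequest(cfg, code) {
  const url = new URL(cfg.tokenURL);
  // The request carries the client secret and the code, so refuse plain HTTP.
  if (url.protocol !== 'https:') throw new Error('tokenURL must use https');
  if (typeof code !== 'string' || code === '') throw new Error('missing authorization code');
  const body = new URLSearchParams({
    grant_type: 'authorization_code',
    code: code,
    // Must equal the redirect_uri sent in the authorization request.
    redirect_uri: cfg.callbackURL,
    // Credentials in the body, as RFC 6749 section 2.3.1 permits.
    client_id: cfg.clientID,
    client_secret: cfg.clientSecret
  });
  return {
    url: url.href,
    method: 'POST',
    headers: {
      'Content-Type': 'application/x-www-form-urlencoded',
      Accept: 'application/json'
    },
    body: body.toString()
  };
}

// Turn the token endpoint's reply into tokens, or throw on an OAuth error.
function parseTokenResponse(status, text) {
  let json = null;
  try { json = JSON.parse(text); } catch (e) { /* handled below */ }
  if (json === null || typeof json !== 'object') {
    throw new Error('token endpoint returned no JSON object (HTTP ' + status + ')');
  }
  if (status !== 200 || json.error) {
    throw new Error('token request failed: ' + (json.error || 'HTTP ' + status));
  }
  if (typeof json.access_token !== 'string' || json.access_token === '') {
    throw new Error('no access_token in response');
  }
  return { accessToken: json.access_token, refreshToken: json.refresh_token || null };
}

// Performs the exchange; fetchImpl defaults to the global fetch (Node 18+).
async function exchangeCode(cfg, code, fetchImpl = fetch) {
  const req = buildTokenRequest(cfg, code);
  const res = await fetchImpl(req.url, req);
  return parseTokenResponse(res.status, await res.text());
}
```

Call `exchangeCode(cfg, code)` from the back-end route that receives the code from the client, and keep the returned tokens and the request body out of logs.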
