I'm working on a project in Node.js , we need safe authorization for clients, As far as Facebook and Twitter go, we have to validate the token with their API
i Google it and found many examples but all are using third party API i-e Facebook, Twitter etc
but the problem is we have to issue our own token that the device will use when talking to our API. is there any module implemented for Node.js that authenticate and generate token ?
I'm not clear on what you mean by wanting to find a node module (all of which are essentially 3rd party API's) that provides OAuth2 client capability that will work against facebook and twitter without an extra server call.
However that being said, you might look at these:
And since Node.js is javascript, you can wrap up regular javascript written for client-side browsers provided you simulate the necessary browser environment elements expected by the client-side javascript.
Your question made me think it might be useful to encapsulate the OAuth library provided here: https://github.com/andreassolberg/jso, and roll it up into a Node module such that you could have a client that behaves like a browser against an OAuth2 provider but from within Node.
So here are the beginnings of that project:
Here it is on github (https://github.com/hoonto/node-jso) or
npm instal node-jso
It won't likely work yet as I need to patch up the way it is doing local storage and xhr, but that's pretty trivial I think to fix.
I am providing some callback functions, so you can use it like so:
var jso = require("node-jso")('http://www.google.com');
jso.onlocation = function(location){
//Handle location changes
};
jso.onhash = function(hash){
//Handle hash changes
};
jso.onhref = function(href){
//Handle href changes
};
jso.jso_configure({
"facebook": {
client_id: "xxxxxxxxxx",
redirect_uri: "http://localhost/~andreas/jso/",
authorization: "https://www.facebook.com/dialog/oauth",
presenttoken: "qs"
}
});
If you'd like to help out feel free to submit pull requests!
The client id you see in hoonto's post is a client id you have to generate throw the Facebook website. This is the client id of your application and not the client id of the user. So you need to fill it only once and no oAuth module will work without.
You need to create an application for each social media ( FB, TW and GP ).
For ex, for Facebook, you can use the app page to get this client id: https://developers.facebook.com/apps
For Google Plus you can generate the client id in the console page : https://code.google.com/apis/console/
This authenticates token https://github.com/jaredhanson/passport-http-bearer and there are lots of ways you can generate token ( md5 of email+password+salt)
I dont Really Understand what you want, but this is the thing I use right now.
And it works pretty well for me
If I understand what do you mean right my project has the same functionality. My app acts as Oauth2 provider, but delegates authorization to other providers. My app doesn't support scopes as it will require additional dialog, so I don't use all oauth2 abilities yet. But I plan it in the future. I used this modules:
The main help in work was the example from oauth2orize module.