github/meteor
1
1
Fork 0
mirror of https://github.com/meteor/meteor.git synced 2026-05-02 03:01:46 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
04135ffa414a3fb55b94de8010499ab2797f07ed
meteor/packages/weibo/weibo_server.js
Andrew Wilcox 2fd00e58ba Implements the "redirect" login flow, for cases such as using a mobile 
UIWebView which aren't able to use the preferred "popup" login flow.

See the specs for details:
  https://meteor.hackpad.com/OAuth-redirect-flow-spec-PeziTcaNPDP
  https://meteor.hackpad.com/OAuth-redirect-flow-part-II-vswwUKP4vXe

I extracted code to construct a URL from the `http` package into a new
`url` utility package.  The new package has no public API, it simply
has the original URL construction functions that were in `http` and
makes them available to oauth.

Fixes the Meetup account login, as Meetup now requires using
"https://api.meetup.com/2/members" instead of
"https://secure.meetup.com/2/members".

The `?close` parameter for the redirect URI is now not needed or used.
For backwards compatibility the `?close` parameter is included if the
login service configuration doesn't include the `loginStyle` field
(indicating it was created using old code).
2014-08-28 17:25:13 -07:00

78 lines
2.6 KiB
JavaScript
Raw Blame History

Weibo = {};
OAuth.registerService('weibo', 2, null, function(query) {
var response = getTokenResponse(query);
var uid = parseInt(response.uid, 10);
// different parts of weibo's api seem to expect numbers, or strings
// for uid. let's make sure they're both the same.
if (response.uid !== uid + "")
throw new Error("Expected 'uid' to parse to an integer: " + JSON.stringify(response));
var identity = getIdentity(response.access_token, uid);
return {
serviceData: {
// We used to store this as a string, so keep it this way rather than
// add complexity to Account.updateOrCreateUserFromExternalService or
// force a database migration
id: uid + "",
accessToken: response.access_token,
screenName: identity.screen_name,
expiresAt: (+new Date) + (1000 * response.expires_in)
},
options: {profile: {name: identity.screen_name}}
};
});
// return an object containining:
// - uid
// - access_token
// - expires_in: lifetime of this token in seconds (5 years(!) right now)
var getTokenResponse = function (query) {
var config = ServiceConfiguration.configurations.findOne({service: 'weibo'});
if (!config)
throw new ServiceConfiguration.ConfigError();
var response;
try {
response = HTTP.post(
"https://api.weibo.com/oauth2/access_token", {params: {
code: query.code,
client_id: config.clientId,
client_secret: OAuth.openSecret(config.secret),
redirect_uri: OAuth._redirectUri('weibo', config, null, {replaceLocalhost: true}),
grant_type: 'authorization_code'
}});
} catch (err) {
throw _.extend(new Error("Failed to complete OAuth handshake with Weibo. " + err.message),
{response: err.response});
}
// result.headers["content-type"] is 'text/plain;charset=UTF-8', so
// the http package doesn't automatically populate result.data
response.data = JSON.parse(response.content);
if (response.data.error) { // if the http response was a json object with an error attribute
throw new Error("Failed to complete OAuth handshake with Weibo. " + response.data.error);
} else {
return response.data;
}
};
var getIdentity = function (accessToken, userId) {
try {
return HTTP.get(
"https://api.weibo.com/2/users/show.json",
{params: {access_token: accessToken, uid: userId}}).data;
} catch (err) {
throw _.extend(new Error("Failed to fetch identity from Weibo. " + err.message),
{response: err.response});
}
};
Weibo.retrieveCredential = function(credentialToken, credentialSecret) {
return OAuth.retrieveCredential(credentialToken, credentialSecret);
};
Reference in New Issue View Git Blame Copy Permalink