Dropbox api V2,在查询参数中获取访问令牌而不是 url 哈希 (#) (Nodejs)
Dropbox api V2, get access token in query param instead of url hash (#) (Nodejs)
我在我的 Nodejs 应用程序上使用 official Dropbox API (V2)。
这听起来像是一个愚蠢的问题,但我真的 无法找到如何从回调 url 中获取给定的访问令牌。实际上,它应该在 url 的散列 (#) 部分(根据他们的文档和 javascript client-side exemple),这是不可见的服务器端...
我找不到任何来自 nodejs 应用程序的身份验证示例,仅使用基本 api。
这是我的验证码:
我的快递应用:
//Entry point, DC is a DropboxConnector object
app.get('/connect/Dropbox', function(req, res) {
console.log('/connect/Dropbox called');
res.redirect(DC.getConnexionURL());
});
// Callback from the authentication
app.get('/authDropbox', function(req, res) {
console.log("/authDropbox called");
console.log(url.format(req.protocol + '://' + req.get('host') + req.originalUrl));
// The above log is: 'http://localhost:8080/authDropbox'
// Here is the problem, the access token is unreachable by express
DC.getToken(req.query.code, res);
connectorList.push(DC);
});
DropboxConnector.js,我的保管箱 api 包装器:
var REDIRECT_URI = 'http://localhost:8080/authDropbox';
//The authentication url given by the dropbox api
getConnexionURL() {
dbx = new Dropbox({ clientId: CLIENT_ID});
var authUrl = dbx.getAuthenticationUrl(REDIRECT_URI);
console.log("AuthURL: " + authUrl);
return authUrl;
}
// @param code is supposed to be the access token...
getToken(code, res) {
if (!!code) {
dbx = new Dropbox({ accessToken: code });
console.log("Authenticated!");
res.redirect(CALLBACK_URL);
} else {
console.log("No code here");
}
}
感谢帮助!
没错,片段的内容 a.k.a。哈希对服务器不可见,仅客户端(浏览器)可见。 OAuth 2 "token" 流程在片段上发送访问令牌,主要用于客户端应用程序,例如浏览器中的 JavaScript。 OAuth 2 "code" 流程改为将授权码作为 URL 参数发送给服务器端应用程序。
如果您有兴趣,可以在 Dropbox /oauth2/authorize documentation.
中找到有关两种不同流程的更多信息
不幸的是,Dropbox API v2 JavaScript SDK 目前仅支持 "token" 流程,但 we're tracking this as a feature request for support for the "code" flow。
如果不想直接调用HTTP,可以使用我的小dropbox-v2-api封装包:
const dropboxV2Api = require(dropbox-v2-api');
const dropbox = dropboxV2Api.authenticate({
client_id: 'APP_KEY',
client_secret: 'APP_SECRET',
redirect_uri: 'REDIRECT_URI'
});
//generate and visit authorization sevice
const authUrl = dropbox.generateAuthUrl();
//after redirection, you should receive code
dropbox.getToken(code, (err, response) => {
//you are authorized now!
});
完整示例 (see here):
const dropboxV2Api = require(dropbox-v2-api');
const Hapi = require('hapi');
const fs = require('fs');
const path = require('path');
const Opn = require('opn');
const credentials = JSON.parse(fs.readFileSync(path.join(__dirname, 'credentials.json')));
//set auth credentials
const dropbox = dropboxV2Api.authenticate({
client_id: credentials.APP_KEY,
client_secret: credentials.APP_SECRET,
redirect_uri: 'http://localhost:5000/oauth'
});
//prepare server & oauth2 response callback
const server = new Hapi.Server();
server.connection({ port: 5000 });
server.route({
method: 'GET',
path: '/oauth',
handler: function (request, reply) {
var params = request.query;
dropbox.getToken(params.code, function(err, response){
console.log('user\'s access_token: ',response.access_token);
//call api
dropbox({
resource: 'users/get_current_account'
}, function(err, response){
reply({response: response});
});
});
}
});
server.start(function(){
//open authorization url
Opn(dropbox.generateAuthUrl());
});
我在我的 Nodejs 应用程序上使用 official Dropbox API (V2)。 这听起来像是一个愚蠢的问题,但我真的 无法找到如何从回调 url 中获取给定的访问令牌。实际上,它应该在 url 的散列 (#) 部分(根据他们的文档和 javascript client-side exemple),这是不可见的服务器端...
我找不到任何来自 nodejs 应用程序的身份验证示例,仅使用基本 api。
这是我的验证码:
我的快递应用:
//Entry point, DC is a DropboxConnector object
app.get('/connect/Dropbox', function(req, res) {
console.log('/connect/Dropbox called');
res.redirect(DC.getConnexionURL());
});
// Callback from the authentication
app.get('/authDropbox', function(req, res) {
console.log("/authDropbox called");
console.log(url.format(req.protocol + '://' + req.get('host') + req.originalUrl));
// The above log is: 'http://localhost:8080/authDropbox'
// Here is the problem, the access token is unreachable by express
DC.getToken(req.query.code, res);
connectorList.push(DC);
});
DropboxConnector.js,我的保管箱 api 包装器:
var REDIRECT_URI = 'http://localhost:8080/authDropbox';
//The authentication url given by the dropbox api
getConnexionURL() {
dbx = new Dropbox({ clientId: CLIENT_ID});
var authUrl = dbx.getAuthenticationUrl(REDIRECT_URI);
console.log("AuthURL: " + authUrl);
return authUrl;
}
// @param code is supposed to be the access token...
getToken(code, res) {
if (!!code) {
dbx = new Dropbox({ accessToken: code });
console.log("Authenticated!");
res.redirect(CALLBACK_URL);
} else {
console.log("No code here");
}
}
感谢帮助!
没错,片段的内容 a.k.a。哈希对服务器不可见,仅客户端(浏览器)可见。 OAuth 2 "token" 流程在片段上发送访问令牌,主要用于客户端应用程序,例如浏览器中的 JavaScript。 OAuth 2 "code" 流程改为将授权码作为 URL 参数发送给服务器端应用程序。
如果您有兴趣,可以在 Dropbox /oauth2/authorize documentation.
中找到有关两种不同流程的更多信息不幸的是,Dropbox API v2 JavaScript SDK 目前仅支持 "token" 流程,但 we're tracking this as a feature request for support for the "code" flow。
如果不想直接调用HTTP,可以使用我的小dropbox-v2-api封装包:
const dropboxV2Api = require(dropbox-v2-api');
const dropbox = dropboxV2Api.authenticate({
client_id: 'APP_KEY',
client_secret: 'APP_SECRET',
redirect_uri: 'REDIRECT_URI'
});
//generate and visit authorization sevice
const authUrl = dropbox.generateAuthUrl();
//after redirection, you should receive code
dropbox.getToken(code, (err, response) => {
//you are authorized now!
});
完整示例 (see here):
const dropboxV2Api = require(dropbox-v2-api');
const Hapi = require('hapi');
const fs = require('fs');
const path = require('path');
const Opn = require('opn');
const credentials = JSON.parse(fs.readFileSync(path.join(__dirname, 'credentials.json')));
//set auth credentials
const dropbox = dropboxV2Api.authenticate({
client_id: credentials.APP_KEY,
client_secret: credentials.APP_SECRET,
redirect_uri: 'http://localhost:5000/oauth'
});
//prepare server & oauth2 response callback
const server = new Hapi.Server();
server.connection({ port: 5000 });
server.route({
method: 'GET',
path: '/oauth',
handler: function (request, reply) {
var params = request.query;
dropbox.getToken(params.code, function(err, response){
console.log('user\'s access_token: ',response.access_token);
//call api
dropbox({
resource: 'users/get_current_account'
}, function(err, response){
reply({response: response});
});
});
}
});
server.start(function(){
//open authorization url
Opn(dropbox.generateAuthUrl());
});