Oauth access_token 与 node.js 和 jawbone-up NPM

Oauth access_token with node.js and jawbone-up NPM

更新:根据以下 Remus 的反馈。

我可以成功授权我的 Web 应用程序并取回 access_tokenrefresh_token。我正在使用不错的 Grant NPM (or is that really grant-express?) to get authenticated (thanks to author Simeon Valichkov).

如何使用 jawbone-upPurest 等 NPM 将 access_token 作为不记名令牌传递到我的 Jawbone API 调用?

问题 #1 - 使用 express-bearer-token 创建此 API 调用并实际取回我的 Jawbone json 数据的最简单方法是什么?

我在页面上看到的是令牌(很长的字符串)而不是 Jawbone json 结果数据。

var express =   require('express')
  , session =   require('express-session')
  , ejs     =   require('ejs')
  , app     =   express()
  , fs      =   require('fs')
  , https   =   require('https')
  , Grant   =   require('grant-express')
  , grant   =   new Grant(require('./config'))
  , bodyParser = require('body-parser')
  , Purest  =   require('purest')
  , jawbone =   new Purest({provider: 'jawbone'})
  , morgan  =   require('morgan')
  , bearerToken = require('express-bearer-token');

    app.set('view engine', 'ejs');
    app.use(bodyParser.urlencoded({extended:true}))
    app.use(session({secret:'grant'}))
    app.use(grant)
    app.use(morgan('combined'))
    app.use(bearerToken());
    app.use(function (req, res) {
        res.send('Token '+req.token);
    });

var $today      = new Date()
var $start      = new Date($today); $start.setDate($today.getDate() -7)
var $end        = new Date($today)
var $startDate  = Math.floor(($start).getTime()/1000)
var $endDate    = Math.floor(($end).getTime()/1000)


    app.get('/sleeps', function (req, res) {

        //res.send(JSON.stringify(req.query.raw, null, 2))

        jawbone.query()
            .select('sleeps')
            .where ({start_date:$startDate, end_date:$endDate})
            .auth(req.token)
            .request(function(err, res, body) {
              // expecting (hoping) to get sleep json here ...??
                var result = JSON.parse(body);
                res.json(result.data.items)
            })
    }); 

// HTTPS
var sslOptions = {
        key     : fs.readFileSync('./.server.key'),
        cert    : fs.readFileSync('./.server.crt')
    };
var secureServer = https.createServer(sslOptions, app).listen(5000, function(){
    console.log('Listening on 5000');
});

我的 Grant 配置文件看起来像这样,似乎是存储我的令牌的明显位置。

module.exports = {

"server": {
    "protocol"      : "https",
    "host"          : "localhost:5000"
    },

'jawbone' : {
    'key'           : '6f**********', 
    'secret'        : '9b918*********************',
    'callback'      : '/sleeps',
    'scope'         : ['basic_read','extended_read','move_read','sleep_read']
    }

};

澄清一下 - 您是在询问如何获取用户在向您的服务器发出请求时使用的令牌?

就我个人而言,我使用了多种方法,特别是使用正则表达式从 headers 中获取 Authorization: Bearer <token>。但最后,我发现使用 Express 时我的 go-to 解决方案是使用 express-bearer-token 中间件:

express = require('express');
bearerToken = require('express-bearer-token');
app = express();

app.use(bearerToken());
app.use(function (req, res) {
    res.send('Token '+req.token);
});

所以在你的情况下,它会很简单:

app.get('/sleeps', function(req, res) {
    jawbone.query()
        .select('sleeps')
        .where ({start_date:'', end_date:''})
        .auth(req.token)
        .request(function(err, res, body) {
            res.json(req.query.raw);
        })
});