1

I'm pretty new to Express.js and the Github OAuth api and running into a wall.

The flow I've got going is, the user clicks on a link from the Ember.js application which points to a route on the Express server. Which redirects to the Github oauth route.

router.route('/oauth')
  .get(function(req, res){
    res.redirect('https://github.com/login/oauth/authorize?client_id=XXXX&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fcallback&state=1234')
  })

After the app is authenticated, the user gets redirected back to a callback route

router.route('/callback')
  .get(function(req, res){
    var code = req.query.code
    res.redirect('https://github.com/login/oauth/access_token?client_id=XXXX&client_secret=YYYY&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fgood&code=' + code)
  })

Which comes back with a code. From this point, I use that code to get an access token. The access token comes back but it comes back as a file that downloads to my machine instead of a response to my server. What am I missing?

Improve this question

1 Answer 1

Reset to default
1

Don't do the second redirect. Instead you want to do a GET request for the token exchange. You're redirect url param must match the original redirect url(make sure it is url encoded): http%3A%2F%2Flocalhost%3A8080%2Fcallback 

var https = require('https');

var options = {
  hostname: 'github.com',
  port: 443,
  path: '/login/oauth/access_token?client_id=XXXX&client_secret=YYYY&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fcallback&code=' + code',
  method: 'GET'
};

var req = https.request(options, function(res) {
  console.log("statusCode: ", res.statusCode);
  console.log("headers: ", res.headers);

  res.on('data', function(d) {
    process.stdout.write(d);
  });
});
req.end();

req.on('error', function(e) {
  console.error(e);
});

https://nodejs.org/api/https.html

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Hey thanks a lot Carter! This worked for me. The only thing I had to tweak is the value for options.hostname. Instead of 'github.com' I had to use 'github.com' to get it to work. Thanks a lot for the help!
do you have any suggestions on how to parse the data that gets returned? It looks like it is coming back as a serialized string. access_token=XXXX&scope=&token_type=bearer
Re: serialized string -- I figured it out actually using require('queryString')

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.