Meteor.js和Custom OpenId Connect服务器

Question

Meteor.js和Custom OpenId Connect服务器

Pav*_*mar 5 meteor meteor-accounts

如何通过Meteor.js中的自定义令牌服务器进行身份验证？

是否有像自定义令牌服务器的帐户-ogle这样的包,只需将令牌端点,客户端ID,秘密和范围作为配置参数来处理身份验证.

Answer 1

jru*_*ann 5

我不知道通用的oauth包.但是为特定服务器编写一个包不应该太难,因为有很多例子需要考虑.

使用accounts-github作为示例,这是在客户端上建立连接的代码.请注意端点URL,客户端ID,范围等.这将为您处理弹出窗口,但您可能希望包含自定义CSS:

var loginUrl =
  'https://github.com/login/oauth/authorize' +
  '?client_id=' + config.clientId +
  '&scope=' + flatScope +
  '&redirect_uri=' + OAuth._redirectUri('github', config) +
  '&state=' + OAuth._stateParam(loginStyle, credentialToken);

OAuth.launchLogin({
  loginService: "github",
  loginStyle: loginStyle,
  loginUrl: loginUrl,
  credentialRequestCompleteCallback: credentialRequestCompleteCallback,
  credentialToken: credentialToken,
  popupOptions: {width: 900, height: 450}
});

Run Code Online (Sandbox Code Playgroud)

这是服务器端的一个片段,完成获取访问令牌的过程:

var getAccessToken = function (query) {
  var config = ServiceConfiguration.configurations.findOne({service: 'github'});
  if (!config)
    throw new ServiceConfiguration.ConfigError();

  var response;
  try {
    response = HTTP.post(
      "https://github.com/login/oauth/access_token", {
        headers: {
          Accept: 'application/json',
          "User-Agent": userAgent
        },
        params: {
          code: query.code,
          client_id: config.clientId,
          client_secret: OAuth.openSecret(config.secret),
          redirect_uri: OAuth._redirectUri('github', config),
          state: query.state
        }
      });
  } catch (err) {
    throw _.extend(new Error("Failed to complete OAuth handshake with Github. " + err.message),
                   {response: err.response});
  }
  if (response.data.error) { // if the http response was a json object with an error attribute
    throw new Error("Failed to complete OAuth handshake with GitHub. " + response.data.error);
  } else {
    return response.data.access_token;
  }
};

Run Code Online (Sandbox Code Playgroud)

并利用令牌获取用户身份:

var getIdentity = function (accessToken) {
  try {
    return HTTP.get(
      "https://api.github.com/user", {
        headers: {"User-Agent": userAgent}, // http://developer.github.com/v3/#user-agent-required
        params: {access_token: accessToken}
      }).data;
  } catch (err) {
    throw _.extend(new Error("Failed to fetch identity from Github. " + err.message),
                   {response: err.response});
  }
};

Run Code Online (Sandbox Code Playgroud)

在github上和账户,GitHub的包装应尽可能引用非常有帮助.

归档时间：	10 年，7 月前
查看次数：	1118 次
最近记录：	10 年，7 月前