4 changed files with 140 additions and 0 deletions
@ -0,0 +1,16 @@
@@ -0,0 +1,16 @@
|
||||
const path = require("path"); |
||||
const express = require('express') |
||||
const bodyParser = require('body-parser'); |
||||
const app = express() |
||||
|
||||
app.use(bodyParser.json()); |
||||
app.use(express.static('static')); |
||||
|
||||
//app.get('/', (req, res) => {
|
||||
// res.sendFile(path.join(__dirname + '/index.html'));
|
||||
//})
|
||||
|
||||
app.listen(3000, () => { |
||||
console.log('Example app listening on port 3000!') |
||||
}) |
||||
|
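Review bot: `app.listen(3000, …)` is called without a host, so the server accepts connections on every interface, while the client script in this commit only uses `http://localhost:3000/` as its redirect URI. Binding to loopback, `app.listen(3000, '127.0.0.1', () => {`, keeps the practice app off the local network. `bodyParser.json()` is registered although no route in this file reads a request body, and `path` is referenced only from the commented-out handler; both can be dropped until a route needs them.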
@ -0,0 +1,24 @@
@@ -0,0 +1,24 @@
|
||||
{ |
||||
"name": "oauthpractice", |
||||
"version": "1.0.0", |
||||
"description": "", |
||||
"main": "index.js", |
||||
"scripts": { |
||||
"test": "echo \"Error: no test specified\" && exit 1", |
||||
"start": "node index.js" |
||||
}, |
||||
"repository": { |
||||
"type": "git", |
||||
"url": "git+https://github.com/bobjohnbob/oauthPractice.git" |
||||
}, |
||||
"author": "john@jshaver.net", |
||||
"license": "UNLICENSED", |
||||
"bugs": { |
||||
"url": "https://github.com/bobjohnbob/oauthPractice/issues" |
||||
}, |
||||
"homepage": "https://github.com/bobjohnbob/oauthPractice#readme", |
||||
"dependencies": { |
||||
"body-parser": "^1.18.2", |
||||
"express": "^4.15.5" |
||||
} |
||||
} |
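Review bot: Both dependencies use caret ranges (`"express": "^4.15.5"`, `"body-parser": "^1.18.2"`) and none of the four files in this commit is a lockfile, so each install may resolve to different versions of these packages and of their transitive dependencies. Committing the `package-lock.json` that npm generates would pin what actually gets installed. The manifest also sets `"license": "UNLICENSED"` without `"private": true`; adding that field prevents an accidental publish.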
@ -0,0 +1,13 @@
@@ -0,0 +1,13 @@
|
||||
<!DOCTYPE html> |
||||
<html> |
||||
<head> |
||||
<meta charset="utf-8" /> |
||||
<title>Redundant Feed!</title> |
||||
<script type="text/javascript" src="loadfeed.js"></script> |
||||
</head> |
||||
<body> |
||||
<div id="feed"> |
||||
...loading... |
||||
</div> |
||||
</body> |
||||
</html> |
@ -0,0 +1,87 @@
@@ -0,0 +1,87 @@
|
||||
(function(){ |
||||
'use strict'; |
||||
var CLIENT_ID = "1944365805820399"; |
||||
var REDIRECT_URI = "http://localhost:3000/"; |
||||
var AUTH_ENDPOINT = "https://www.facebook.com/v2.10/dialog/oauth"; |
||||
var PERMS = "user_posts"; |
||||
var token = window.localStorage.getItem("token"); |
||||
var state = window.localStorage.getItem("state"); |
||||
if (!state) { |
||||
state = get15RandomSafeChars(); |
||||
window.localStorage.setItem("state", state); |
||||
} |
||||
console.log("state: ", state); |
||||
|
||||
if(window.location.hash !== "") { |
||||
var hashParams = window.location.hash.slice(1).split("&"); |
||||
hashParams = hashParams.reduce(function(obj, param) { |
||||
var parsed = param.split("="); |
||||
obj[parsed[0]] = decodeURIComponent(parsed[1]); |
||||
return obj; |
||||
}, {}); |
||||
|
||||
if(hashParams.access_token) { |
||||
if(hashParams.state === state) { |
||||
token = hashParams.access_token; |
||||
window.localStorage.setItem("token", token); |
||||
} else { |
||||
console.log("Invalid state! Something fishy here. Ignoring token..."); |
||||
console.log("Our state: ", state, " Received state: ", hashParams.state); |
||||
} |
||||
} |
||||
} |
||||
if(!token) { |
||||
console.log("NOT AUTHED!"); |
||||
} else { |
||||
console.log("Probably authed!"); |
||||
} |
||||
|
||||
document.addEventListener('DOMContentLoaded', function() { |
||||
var feed = document.getElementById("feed"); |
||||
if(!token) { |
||||
feed.textContent = "First you need to authorize Facebook to allow me to spy you."; |
||||
var button = document.createElement("Button"); |
||||
button.onclick = function(){redirectToAuthEndpoint(PERMS);}; |
||||
button.value = "authorize"; |
||||
button.type = "button"; |
||||
button.textContent = "AUTHORIZE"; |
||||
feed.appendChild(button); |
||||
} else { |
||||
feed.textContent = "Hello person."; |
||||
} |
||||
|
||||
}); |
||||
|
||||
function redirectToAuthEndpoint(perms) { |
||||
var payload = { |
||||
client_id: CLIENT_ID, |
||||
redirect_uri: REDIRECT_URI, |
||||
state: state, |
||||
response_type: "token", |
||||
scope: perms |
||||
}; |
||||
|
||||
var params = Object.keys(payload).map(function(key) { |
||||
return key + "=" + encodeURIComponent(payload[key]); |
||||
}).join("&"); |
||||
|
||||
window.location = AUTH_ENDPOINT + "?" + params; |
||||
} |
||||
|
||||
function get15RandomSafeChars() { |
||||
var characters = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_"; |
||||
var string = ""; |
||||
var numbers = [0,1,2].map(function() { |
||||
return Math.floor(Math.random() * Math.pow(2,32)); |
||||
}); |
||||
numbers.forEach(function(num) { |
||||
var bits = num; |
||||
for(var i = 0; i < 5; ++i) { |
||||
string += characters[bits & 0x3f]; |
||||
bits = bits >> 6; |
||||
} |
||||
}); |
||||
return string; |
||||
} |
||||
|
||||
})(); |
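Review bot: The `state` value that protects the redirect against a forged response is built from `Math.random()` in `get15RandomSafeChars`, which is not a cryptographically secure source; it should come from `window.crypto.getRandomValues`, as in the rewrite below. The same value is kept in `localStorage` and reused for every authorization request, and it is printed by `console.log("state: ", state)`; removing it once a response has matched (`window.localStorage.removeItem("state");`) and dropping the log lines would make it single-use. After the token is accepted the fragment stays in the address bar, so calling `history.replaceState(null, "", window.location.pathname);` after `setItem("token", token)` would keep the access token out of the visible URL and the session history.

```javascript
function get15RandomSafeChars() {
    // … unchanged: 64-character `characters` alphabet …
    var bytes = new Uint8Array(15);
    window.crypto.getRandomValues(bytes);
    var string = "";
    for (var i = 0; i < bytes.length; ++i) {
        // 64 symbols and a 6-bit mask: every symbol is equally likely
        string += characters[bytes[i] & 0x3f];
    }
    return string;
}
```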