Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
var authorizationURL = spSiteUrl + SP_AUTH_PREFIX;
var appRedirectURL = spSiteUrl + SP_REDIRECT_PREFIX;
// check if there is a app token present
if (spAppToken && spSiteUrl) {
var token = eval(jwt.decode(spAppToken, '', true));
var splitApptxSender = token.appctxsender.split("@");
var sharepointServer = url.parse(spSiteUrl)
var resource = splitApptxSender[0]+"/"+sharepointServer.host+"@"+splitApptxSender[1];
var spappId = this._appId+"@"+splitApptxSender[1];
var appctx = JSON.parse(token.appctx);
var tokenServiceUri = url.parse(appctx.SecurityTokenServiceUri);
var tokenURL = tokenServiceUri.protocol+'//'+tokenServiceUri.host+'/'+splitApptxSender[1]+tokenServiceUri.path;
this._oauth2 = new OAuth2(spappId, this._appSecret, '', authorizationURL, tokenURL);
this._oauth2.getOAuthAccessToken(
token.refreshtoken,
{grant_type: 'refresh_token', refresh_token: token.refreshtoken, resource: resource},
function (err, accessToken, refreshToken, params) {
if (err) { return self.error(new InternalOAuthError('failed to obtain access token', err)); }
if (!refreshToken)
refreshToken = spAppToken;
self._loadUserProfile(accessToken, spSiteUrl, function(err, profile) {
if (err) { return self.error(err); };
function verified(err, user, info) {
if (err) { return self.error(err); }
if (!user) { return self.fail(info); }
self.success(user, info);
}
callback: function() {
var self = this;
var req = self.req;
var query = req.url.query;
req.user.tokens = {};
if (query.error || !query.code) {
self.failed (query.error_description || "token was not accepted");
}
var oa = new OAuth2(vkontakteConfig.appId, vkontakteConfig.appSecret, vkontakteConfig.baseUrl, vkontakteConfig.authorizeUrl, vkontakteConfig.accessTokenUrl);
oa.getOAuthAccessToken(
query.code,
{
redirect_uri: vkontakteConfig.callbackUrl
},
function(error, access_token, refresh_token, results){
if (error || !access_token) {
self.failed(error || 'Bad request!');
} else {
req.user.tokens.oauth_access_token = access_token;
if (refresh_token) req.user.tokens.oauth_refresh_token = refresh_token;
'use strict';
var express = require('express');
var OAuth2 = require('oauth').OAuth2;
var OAUTH_KEY = process.env.OAUTH_KEY;
var OAUTH_SECRET = process.env.OAUTH_SECRET;
var BASEPATH = 'https://gitter.im/';
var REDIRECT = process.env.REDIRECT;
var auth = new OAuth2(OAUTH_KEY, OAUTH_SECRET, BASEPATH, 'login/oauth/authorize', 'login/oauth/token');
var login = (req, res) => {
var url = auth.getAuthorizeUrl({
redirect_uri: REDIRECT,
response_type: 'code'
});
res.redirect(url);
};
var callback = (req, res) => {
var code = req.query.code;
var params = {
redirect_uri: REDIRECT,
grant_type: 'authorization_code'
};
router.github = function(req, res) {
var github = new oauth.OAuth2(
config.github.client_id,
config.github.client_secret,
'https://github.com/login'
);
var redirect_uri = options.base_uri + url.parse(req.url).pathname;
var code = req.param('code');
if (req.session.oauth && req.session.oauth.github && code) {
delete req.session.oauth.github;
var params = {
oauth2: github,
code: code,
redirect_uri: redirect_uri,
get_url: 'http://github.com/api/v2/json/user/show',
keyname: function(data) {
async function getFollowing(handle, consumerKey, consumerSecret) {
const url = 'friends/list';
const oauth2 = new OAuth2(
consumerKey,
consumerSecret,
'https://api.twitter.com/',
null,
'oauth2/token',
null
);
return new Promise(resolve => {
oauth2.getOAuthAccessToken(
'',
{
grant_type: 'client_credentials',
},
(error, accessToken) => {
resolve(accessToken);
function fbOAuth2() {
const appId = keyConverter(process.env.FB_APPIDS);
const secret = keyConverter(process.env.FB_SECRETS);
return new OAuth2(
appId,
secret,
"",
"https://www.facebook.com/dialog/oauth",
"https://graph.facebook.com/oauth/access_token",
null
);
}
this.fetcher.tokenStore.getApplicationTokens( 'appdotnet', function( error, tokens ) {
if( error ) {
done( error );
}
else
{
var OAuth2 = require( 'oauth' ).OAuth2;
this.oauth2 = new OAuth2(
tokens.clientID,
tokens.clientSecret,
"https://alpha.app.net",
"/oauth/authenticate",
"/oauth/access_token" );
done();
}
});
}
async function getRawTweets(handle, consumerKey, consumerSecret) {
const url = 'statuses/user_timeline';
const oauth2 = new OAuth2(
consumerKey,
consumerSecret,
'https://api.twitter.com/',
null,
'oauth2/token',
null
);
return new Promise(resolve => {
oauth2.getOAuthAccessToken(
'',
{
grant_type: 'client_credentials',
},
(error, accessToken) => {
resolve(accessToken);
_post : function (url) {
var self = this;
var req = this.req;
var tokens = req.user.tokens;
var msg = this.message;
var oa = new OAuth2(
facebookConfig.appId,
facebookConfig.appSecret,
facebookConfig.baseUrl
);
var post_headers= {
'Content-Type': 'application/x-www-form-urlencoded'
};
var post_data = msg;
oa._request(
'POST', url,
post_headers, post_data, req.user.tokens.oauth_access_token,
function (error, data) {
if (error) {
self.failed(error);
function daumOAuth2() {
const appId = keyConverter(process.env.DAUM_APPIDS);
const secret = keyConverter(process.env.DAUM_SECRETS);
return new OAuth2(
appId,
secret,
"",
"https://apis.daum.net/oauth2/authorize",
"https://apis.daum.net/oauth2/token",
null
);
}