An exercise for understanding the OAuth2 Web Protocol "flow" using the GitHub API. Follow the below steps:
- Sign up for a new application on GitHub.
- Install the app and set up your environment.
- Implement the "flow."
- Register your app under your GitHub settings
- Fill out the form with the following application info and then click
"Register application":
- Application Name:
Express OAuth App - Homepage URL:
http://localhost - Authorization callback URL:
http://localhost:9888/oauth_callback
- Application Name:
- You should see something similar to this:
- Take note of the Client ID and Client Secret (for below...)
- Fork this app, and clone the forked version to your local environment.
- Install necessary packages with
npm install. - Run the application (however you run your Express apps).
- If, when you run your app, you receive the message:
Server running on port 9888...
OAuth ID not in environment!
OAuth Secret not in environment!
... you will need to add your environmental variables. Using either
dotenv or by loading them in your
.bash_profile or .bashrc, include the Client ID and Client Secret from
GitHub as the keys GITHUB_OAUTH_ID and GITHUB_OAUTH_SECRET.
- Following the (below) docs and the OAuth 2 flow diagram, add the necessary code to the stubbed out routes to implement the GitHub Web flow:
- If you need help at any time, check out the provided solution! To do this:
- Run
git checkout solution, and then look at the code in Sublime.
- If you have any changes that might be affected by this, you may have to
either add them or
"stash" them
before you checkout the
solutiontagged commit.
- When you're ready, return to your work by running
git checkout master.
- Run
