使用 node.js 和 express、以最少的中间件实现干净的 Instagram OAuth

时间:2014-07-26 20:14:12

标签: node.js curl express oauth-2.0 instagram

我试图实现一个干净的Instagram OAuth,而不依赖passport或instagram-node等中间件,以便学习该过程并获得最大程度的控制。我一直在尝试遵循Instagram服务器端(显式)流程,这是一个两步操作:

  1. 请求访问代码
  2. 请求访问令牌
现在我的服务器设置使用:

    express         = require('express'),
    app             = express();
    

    并启动我正在使用的第一步:

    app.get('/', function(req, res){
      // Step 1 of the server-side (explicit) flow: build the authorize URL and
      // send the browser there; the callback route later reads the result from
      // req.query.code.
      // CLIENT-ID and YOUR-REDIRECT-URI are placeholders from the question, not
      // valid identifiers (as written they parse as subtractions); substitute
      // real values before running this.
      // NOTE(review): the redirect URI is concatenated unencoded; a URI that
      // contains '&', '?' or '#' would corrupt the query string, so wrap it in
      // encodeURIComponent().
      // NOTE(review): no `state` parameter is sent, so the callback has nothing
      // to compare against to confirm the response belongs to a flow this
      // browser session started (login CSRF). Generate a random per-session
      // value here and verify it in the callback.
      var url = 'https://api.instagram.com/oauth/authorize/?client_id='+CLIENT-ID+'&redirect_uri='+YOUR-REDIRECT-URI+'&response_type=code'
      res.redirect(url);
    });
    

    上面的步骤正确地将我发送到instagram进行身份验证,然后在Instagram的重定向回调中获取,此时console.log会显示正确的instagram代码。但res.set部分是错误的,不起作用。

    app.get('/auth/instagram/callback', function(req, res){
    
      console.log('/// here to keep track of how many times this is called');
      // NOTE(review): this writes the authorization code to the server log;
      // drop the line once debugging is done.
      console.log('Instagram code: ', req.query.code);
    
      var url = 'https://api.instagram.com/oauth/access_token';
    
      // Why this does not work: res.set() sets HTTP headers on the response
      // that goes back to the user's browser, and redirect() then tells that
      // browser to GET the token endpoint. Nothing is POSTed to Instagram, so
      // no token is ever issued.
      // NOTE(review): it also discloses the client secret: every field below,
      // including client_secret, is delivered to the browser as a response
      // header. The exchange must be an outbound POST made by the server.
      res.set({
       'client_id' : 'CLIENT-ID',
       'client_secret' : 'CLIENT-SECRET',
       'grant_type' : 'authorization_code',
       'redirect_uri' : 'YOUR-REDIRECT-URI',
       'code' : req.query.code
      }).redirect(url);
    
    });
    

    不幸的是,它暂时挂起,显然没有提供正确的数据。

    Instagram建议执行以下操作,但我不确定该如何把它转换成express代码:

    # Token exchange as a form POST: each --form (-F) option adds one field to
    # the request body. CLIENT-ID, CLIENT-SECRET, YOUR-REDIRECT-URI and CODE are
    # placeholders.
    # Note: a secret passed on the command line is visible in shell history and
    # in the process list while curl runs.
    curl https://api.instagram.com/oauth/access_token \
      --form 'client_id=CLIENT-ID' \
      --form 'client_secret=CLIENT-SECRET' \
      --form 'grant_type=authorization_code' \
      --form 'redirect_uri=YOUR-REDIRECT-URI' \
      --form 'code=CODE'
    

    对此有任何见解将是最受欢迎的!

    感谢您的帮助。

3 个答案:

答案 0 :(得分:1)

以下是OAuth第二部分与Instagram的实际响应!可能不会

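// Form fields for the token exchange (step 2 of the server-side flow).
// The client id, client secret and redirect URI are read from environment
// variables, so the secret stays out of the source file; `code` is the
// one-time authorization code Instagram appended to the callback URL.
var data = {
    'client_id' : process.env.FANCRAWLCLIENTID,
    'client_secret' : process.env.FANCRAWLCLIENTSECRET,
    'grant_type' : 'authorization_code',
    'redirect_uri' : process.env.INSURIREDIRECT,
    'code' : req.query.code
};

// Configure the request: `form` makes the `request` module send the fields
// as a URL-encoded POST body, made server-to-server, so the client secret
// never passes through the user's browser.
var options = {
    uri: 'https://api.instagram.com/oauth/access_token',
    method: 'POST',
    form: data
};

request(options, function (error, response, body) {

  // Transport-level failure (DNS, TLS, timeout, ...): there is no body to parse.
  if (error) {
    console.error('Instagram token request failed:', error.message);
    return;
  }

  // The body arrives as a string; a proxy or error page may not be JSON, so
  // JSON.parse is guarded instead of being allowed to throw in the callback.
  var pbody;
  try {
    pbody = JSON.parse(body);
  } catch (parseError) {
    console.error('Instagram token response was not JSON, HTTP status', response.statusCode);
    return;
  }

  // Accept the response only if it succeeded and actually carries a token.
  if (response.statusCode !== 200 || !pbody || !pbody.access_token) {
    console.error('Instagram token exchange was rejected, HTTP status', response.statusCode);
    return;
  }

  // pbody should look like this (placeholder values):
  // {"access_token":"<ACCESS_TOKEN>",
  //   "user":
  //     {"username":"my_user_name",
  //     "bio":"blah blah...",
  //     "website":"http:\/\/www.something.com",
  //     "profile_picture":"http:\/\/images.ak.instagram.com\/profiles\/profile_851_73sq_115.jpg",
  //     "full_name":"Full Name",
  //     "id":"8943851"}
  //   }
  //
  // pbody.access_token is a credential: keep it server-side (for example in
  // the user's session) and do not write it, or the whole body, to logs.

});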

享受!!!

答案 1 :(得分:0)

我建议研究passport的代码(特别是instagram相关的部分)。

无论如何,在拿到code之后(这一步你已经成功了),你需要从后端代码向Instagram发送请求。所以你的代码看起来应该更像这样(凭印象写的):

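// OAuth callback: exchanges the authorization code Instagram appended to the
// redirect for an access token, using a server-to-server POST.
app.get('/auth/instagram/callback', function(req, res){

  console.log('/// here to keep track of how many times this is called');

  // The code is attacker-controllable query input: require a single non-empty
  // string (a repeated ?code= parameter would arrive as an array), and keep
  // its value out of the log.
  var code = req.query.code;
  if (typeof code !== 'string' || code.length === 0) {
    res.status(400).send('Missing authorization code');
    return;
  }

  // NOTE(review): the authorize redirect shown on this page sends no `state`
  // value, so this handler cannot check that the response belongs to a flow
  // this browser session started. Add one there and compare it here before
  // exchanging the code.

  var url = 'https://api.instagram.com/oauth/access_token';

  // Same fields as Instagram's curl example. 'CLIENT-ID', 'CLIENT-SECRET' and
  // 'YOUR-REDIRECT-URI' are placeholders; load the real secret from
  // configuration or the environment rather than hard-coding it.
  var data = {
   'client_id' : 'CLIENT-ID',
   'client_secret' : 'CLIENT-SECRET',
   'grant_type' : 'authorization_code',
   'redirect_uri' : 'YOUR-REDIRECT-URI',
   'code' : code
  };

  // `form` sends the fields as a form-encoded POST body; the original sent a
  // JSON string in `body`, which does not match the form fields of the curl
  // example.
  request.post({
    url: url,
    form: data
  },
  function (e, r, body) {
    if (e) {
      console.error('Instagram token request failed:', e.message);
      res.status(502).send('Token exchange failed');
      return;
    }

    // body is a string; guard the parse so a non-JSON reply cannot throw here.
    var token;
    try {
      token = JSON.parse(body);
    } catch (parseError) {
      res.status(502).send('Token exchange failed');
      return;
    }

    if (r.statusCode !== 200 || !token || !token.access_token) {
      res.status(502).send('Token exchange failed');
      return;
    }

    // token.access_token is now available: store it server-side (session or
    // database); do not log it or send it back to the browser.
    res.send('Instagram authorization complete');
  });
});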

然后在获得令牌后,您可以设置会话等。

答案 2 :(得分:0)

好的,我已经让特定API调用的POST请求跑通了(还不包括OAuth部分),并且带上了Instagram的安全标头。

此示例演示在您已拥有用户的访问令牌时执行关注(follow)用户的操作。

var crypto      = require('crypto'),
    request     = require('request');

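// Hex-encoded HMAC-SHA256 of the client IP string, used as the signature part
// of the X-Insta-Forwarded-For header.
// update()/digest() is the synchronous API; the stream form (write/end/read)
// only yields a value from read() once the stream has flushed, so read() may
// return null when called immediately.
// NOTE(review): the key placeholder reads 'INSTAGRAM_CLIENT_ID', but the HMAC
// key for this header was, as far as I recall from Instagram's documentation,
// the client *secret*. Confirm, and load the key from configuration rather
// than hard-coding it.
var hmac = crypto.createHmac('SHA256', 'INSTAGRAM_CLIENT_ID');
hmac.update('IP_ADDRESS_127.0.0.1_OR_12.34.56.78');
var hash = hmac.digest('hex');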

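// Set the headers
// X-Insta-Forwarded-For carries "<client IP>|<hex HMAC of that IP>"; the IP
// string here must be the same one that was fed to the HMAC above.
// NOTE(review): if the IP is taken from a forwarded-for request header, only
// trust it when it was set by your own proxy.
var headers = {
    'X-Insta-Forwarded-For': 'IP_ADDRESS_127.0.0.1_OR_12.34.56.78|'+hash
};

// Configure the request
// The uri and the access token below are placeholders.
// NOTE(review): `qs` puts the access token in the URL query string, where it
// can end up in proxy and server logs; check whether the endpoint accepts it
// as a form field next to `action` instead (TODO confirm).
var options = {
    uri: 'https://api.instagram.com/v1/users/1234/relationship_ OR WHATEVER API CALL',
    qs: {'access_token': 'INSTAGRAM ACCESS TOKEN'},
    method: 'POST',
    headers: headers,
    form:{action:'follow'}
};

request(options, function (error, response, body) {
    // Transport-level failure: there is no body to inspect.
    if (error) {
        console.error('Instagram API request failed:', error.message);
        return;
    }

    // The body is a string; parse it defensively so a non-JSON reply cannot
    // throw inside the callback.
    var result;
    try {
        result = JSON.parse(body);
    } catch (parseError) {
        console.error('Instagram API returned a non-JSON body, HTTP status', response.statusCode);
        return;
    }

    // Every sample response below reports its outcome in meta.code.
    var meta = result && result.meta;
    if (!meta || meta.code !== 200) {
        console.error('Instagram API call was rejected:', meta && meta.error_type);
        return;
    }

    // result.data is what you are interested in.

    // Some examples below

    // User does not exist
    // {"meta":{"error_type":"APINotFoundError","code":400,"error_message":"this user does not exist"}}
    //
    // Successful response from unfollow
    // {"meta":{"code":200},"data":{"outgoing_status":"none","target_user_is_private":false}}
    //
    // Not following and not followed by
    // {"meta":{"code":200},"data":{"outgoing_status":"none","target_user_is_private":false,"incoming_status":"none"}}
    //
    // You are following user 1234 but are not followed back by them
    // {"meta":{"code":200},"data":{"outgoing_status":"follows","target_user_is_private":false,"incoming_status":"none"}}
    //
    // Following and followed by
    // {"meta":{"code":200},"data":{"outgoing_status":"follows","target_user_is_private":true,"incoming_status":"followed_by"}}
    //
    // Private users
    // {"meta":{"code":200},"data":{"outgoing_status":"requested","target_user_is_private":true}}

});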

我希望这会有所帮助。