OAuth2 授权代码授予流 Node.js 与客户端混合

Question

我正在针对 Fitbit API 执行 OAuth2 身份验证。这一切都使用授权码授予流程。因此，首先获取身份验证代码，将其重定向到我的应用程序，然后将其交换为访问令牌并使用此令牌获取数据。

从主页的“post_request.html”页面开始，按下“fitbit”按钮，用户被重定向到Fitbit的授权端点。我正在使用 Node.js 构建一个本地服务器来托管应用程序并能够毫无问题地重定向..

我的 HTML 文件如下，带有内联脚本..

<!DOCTYPE html>
<html lang = "en">  <!–– language check you can perform ––>

    <head>
        <meta charset="utf-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
        <meta name="viewport" content="width=device-width, initial-scale=1";>                                                             <!–– necessary to make the website responsive, zoom level to 1 ––>
        <title>API Fitbit OAuth2</title>
        <meta name="description" content="Planner for Trail Running">                                                                     <!–– this part will be used in SEM, result of content strategy workshops ––>
        <meta name="author" content="Niels">                                                                         <!–– make sure this refers to the right css sheet ––>
    </head>

    <body>

        <button onclick="fitbitAuth()">Fitbit</button>

        <!-- action = route, method = method -->
        <form action="/" method="POST" id="form">
            <h3>Email Address:</h3>
            <input type="email">
            <br>
            <h3>Password:</h3>
            <input type="password">     
            <br>
            <br>
            <button type="submit">Send Request</button>   
        </form>

    <script>
            // run this script upon landing back on the page with the authorization code 
            var url_terug = window.location.search;
            var auth_code = url_terug.substr(6);
            console.log(auth_code);

            // get the authorization code out of the response 
            // execute a POST request with the right parameters 
            // get the access token out of the JSON response 
            // execute a GET request on the API endpoint 
            // handle the data 

            // upon clicking fitbit button, starting off the oauth2 authentication 
            function fitbitAuth() {

                window.location.href = 'https://www.fitbit.com/oauth2/authorize?client_id=MYCLIENTID&response_type=code&scope=activity&redirect_uri=http://localhost:3000/fitbit&prompt=consent';

            }

        </script>

    </body>
    </html>

我的问题是在 Node.js 方面。我对 Node 很陌生。如何在“app.get(/fitbit)”方法中向页面添加正确的错误处理？

// PROJECT making a POST request 
const express = require("express");
const app = express();
const filesys = require("fs");
const path = require("path");
// body parser module parses form data into server
const body_parse = require("body-parser");

// middleware
app.use('/public', express.static(path.join(__dirname, 'static')));
// allows us to parse url encoded forms 
app.use(body_parse.urlencoded({extended: false}));

// using readstream with chunks in buffer with security on the path 
app.get("/fitbit", (req, res) => {

    const readStream = filesys.createReadStream(path.join(__dirname,'static','post_request.html'));
    res.writeHead(200, {'Content-type' : 'text/html'});
    readStream.pipe(res);

});

// bodyparser parses data and adds to the body of the request 
app.get("/", (req, res, err) => {

    const readStream = filesys.createReadStream(path.join(__dirname,'static','post_request.html'));
    res.writeHead(200, {'Content-type' : 'text/html'});
    readStream.pipe(res);

});

app.listen(3000);

Answer 1

This 描述 Express 中基本错误处理的页面可能对您有所帮助。很难提供更具体的信息，因为我们不知道您预计会遇到什么类型的错误。

如果您是专门针对 createReadStream 的，here 讨论的方法可能对您有所帮助：

readStream = filesys.createReadStream(path.join(__dirname,'static','post_request.html'));
readStream.on('error', function(){ /*handle error*/ });
res.writeHead(200, {'Content-type' : 'text/html'});
readStream.pipe(res);