Skip to content

Instantly share code, notes, and snippets.

@avalez
Created November 30, 2013 18:33
Show Gist options
  • Save avalez/7722698 to your computer and use it in GitHub Desktop.
Save avalez/7722698 to your computer and use it in GitHub Desktop.
Bitbucket OAuth consumer example (nodejs w. passport)
var passport = require('passport'),
BitbucketStrategy = require('passport-bitbucket').Strategy,
request = require('request');
module.exports = function (app) {
var oauth = {
consumer_key: process.env.BB_CONSUMER_KEY,
consumer_secret: process.env.BB_CONSUMER_SECRET
};
// The Bitbucket authentication strategy authenticates users using
// a Bitbucket account and OAuth tokens.
// The strategy requires a verify callback, which accepts these credentials
// and calls done providing a user, as well as options specifying
// a consumer key, consumer secret, and callback URL.
passport.use(new BitbucketStrategy({
consumerKey: oauth.consumer_key,
consumerSecret: oauth.consumer_secret,
callbackURL: 'http://localhost:5000/auth/bitbucket/callback'
},
function(token, tokenSecret, profile, done) {
var user = profile._json.user;
oauth.token = token;
oauth.token_secret = tokenSecret;
User.findOrCreate(..., function(err, user) {
// TODO: persist ouath.token and oauth.token_secret
done(null, user);
});
}
));
passport.serializeUser(function(user, done) {
done(null, user.username);
});
passport.deserializeUser(function(userId, done) {
User.find(userId, function(err, user) {
// TODO: update ouath.token and oauth.token_secret
done(null, {username: userId});
});
});
// Redirect the user to Bitbucket for authentication. When
// complete, it will redirect the user back to the application at
// /auth/bitbucket/callback
app.get('/auth/bitbucket', passport.authenticate('bitbucket'));
// The OAuth provider has redirected the user back to the application.
// Finish the authentication process by attempting to obtain an access
// token. If authorization was granted, the user will be logged in.
// Otherwise, authentication has failed.
app.get('/auth/bitbucket/callback',
passport.authenticate('bitbucket', { successRedirect: '/',
failureRedirect: '/login' }));
// Our API to check if user is authenticated
app.get('/api/login', function(req, res) {
if (!req.isAuthenticated()) {
res.send(401);
} else {
// Access secure resource
request.get({url: 'https://api.bitbucket.org/1.0/user/', oauth: oauth},
function(err, res, json) {
console.log(err);
console.log(json);
});
res.send(req.user);
}
});
};
@gabhi
Copy link

gabhi commented Mar 20, 2014

how will you deal with multiple auth providers? like twitter and linkedin on the same page
var oauth = {
consumer_key: process.env.BB_CONSUMER_KEY,
consumer_secret: process.env.BB_CONSUMER_SECRET
};

@sumtb
Copy link

sumtb commented Mar 28, 2014

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment