Skip to content

Instantly share code, notes, and snippets.

@darkyen

darkyen/webtask.js

Last active Jul 22, 2016
Embed
What would you like to do?
const Express = require('express');
const request = require('request-promise');
const Twitter = require('twit@2.2.3');
const Webtask = require('webtask-tools');
const jwt = require('jsonwebtoken');
const app = Express();
// A Much better approach which demonstrates API Auth is at
// https://github.com/vikasjayaram/twitter-status-webtask
// This one uses Global Credentials, which should be avoided
// TODO: Remove nested promises.
app.use(function(req, res, next){
// The secrets
const secrets = req.webtaskContext.data;
// Your tenant name on auth0
const tenant = secrets.tenant;
// Replace this with your webtask's deployed url.
const redirectUri = "https://webtask.it.auth0.com/api/run/wt-abhishek_hingnikar-auth0_com-1/tweet";
const AUTH0_CLIENT_ID = secrets.AUTH0_CLIENT_ID; // AUTH0_CLIENT_ID
const AUTH0_CLIENT_SECRET = secrets.AUTH0_CLIENT_SECRET; // AUTH0_CLIENT_SECRET
const AUTH0_CLIENT_SECRET_BUFFER = new Buffer(secrets.AUTH_CLIENT_SECRET, 'base64');
function handleFailure(error){
console.log(error);
return res.status(401).json({
message: 'Unauthorized'
});
}
// poor man's passport.js
// No code? Redirect to get code
if(!req.query.code){
const authorizeUrl = `https://${tenant}.auth0.com/authorize?client_id=${AUTH0_CLIENT_ID}&response_type=code&connection=twitter&redirect_uri=${redirectUri}&scope=openid name`
return res.redirect(authorizeUrl);
}else{
// Got code? Lets exchange for OAuth
request.post({
uri: `https://${tenant}.auth0.com/oauth/token`,
body: {
client_id: AUTH0_CLIENT_ID,
client_secret: AUTH0_CLIENT_SECRET,
grant_type: 'authorization_code',
code: req.query.code,
redirect_uri: redirectUri,
},
json: true,
}).then(function(tokens){
// This is all we need at this point.
jwt.verify(tokens.id_token, AUTH0_CLIENT_SECRET_BUFFER ,function(err, decoded){
if(err){
return handleFailure();
}
req.user = decoded;
next();
});
}, handleFailure);
}
});
app.get('/', function(req, res){
const secrets = req.webtaskContext.data;
const MGMT_API_TOKEN = secrets.MGMT_API_TOKEN; // Key from MGMT api console with read:idp_access_tokens
const tenant = secrets.tenant; // if your domain is some-game.auth0.com it should be some-game
const TWITTER_CONSUMER_KEY = secrets.TWITTER_CONSUMER_KEY; // Twitter consumer key
const TWITTER_CONSUMER_SECRET = secrets.TWITTER_CONSUMER_SECRET; // Twitter consumer secret
function handleFailure(error){
return res.status(500).json({
message: error.message
});
}
request.get(`https://${tenant}.auth0.com/api/v2/users/${req.user.sub}`,{
headers: {
'Authorization': `Bearer ${MGMT_API_TOKEN}`
},
json: true
}).then(function(user){
const twitterUser = user.identities.filter(function(identity){
return identity.provider === 'twitter';
})[0];
if(!twitterUser){
return res.json({
message: 'You should login using twitter for this to work'
});
}
const client = new Twitter({
consumer_key: TWITTER_CONSUMER_KEY,
consumer_secret: TWITTER_CONSUMER_SECRET,
access_token: twitterUser.access_token,
access_token_secret: twitterUser.access_token_secret,
});
client.post('statuses/update', {
status: 'This was tweeted from a WebApp that took 15m to write & deploy. 10 were spent writing this msg @webtaskio + @auth0 = https://goo.gl/bCOLgm'
}).then(function(){
return res.status(200).json({
message: `Hi ${req.user.name}, I just tweeted the message on your behalf, now that you are here might I suggest exploring the techstack behind it?`,
stack: {
webtask: {
home: 'https://webtask.io/',
desc: 'FAAS to Deploy serverless apps in minutes!'
},
auth0: {
home: 'https://auth0.com/',
desc: 'Identity Platform that is built for developers!'
},
},
source: 'https://gist.github.com/darkyen/08f88e5d66e8fd42eb38d8cd4227dde5',
});
}, handleFailure);
}, handleFailure);
});
module.exports = Webtask.fromExpress(app);
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.