@lasergoat
Created August 24, 2017 17:14
oauth with passport for intuit
const auth = require('./util/auth-util');
const merchant = require('./util/merchant-util');
const session = require('express-session');
const passport = require('passport');
const IntuitStrategy = require('passport-intuit-oauth').Strategy;
// Port the HTTP server listens on: the PORT environment variable when set
// (it arrives as a string), otherwise the number 3000.
const port = process.env.PORT || 3000;

// Record which NODE_ENV the process started under ('unknown' when unset).
const startupEnvironment = process.env.NODE_ENV || 'unknown';
console.info(['STARTUP ENVIRONMENT: ', startupEnvironment].join(' '));
// Global middleware, registered in the order requests pass through it.
// `app`, `cors` and `bodyParser` are not defined in this excerpt.

// NOTE(review): cors() is called with no options. If this is the `cors` npm
// package, its defaults allow every origin; pass an explicit `origin`
// allow-list when only a known frontend should call this service.
app.use(cors());

// Body parsing for urlencoded forms (extended: false) and JSON payloads.
app.use(bodyParser.urlencoded({ extended: false }));
app.use(bodyParser.json());

// Session used to carry the user's identity across the OAuth redirect.
// NOTE(review): points to confirm before deploying this configuration:
//  - the secret is undefined when SESSION_SECRET is not set; check it at startup
//  - no `cookie` options are given, so express-session defaults apply; set
//    `cookie.secure` and `cookie.sameSite` explicitly once served over HTTPS
//  - no `store` is given, so the default in-memory store is used
//  - saveUninitialized: true persists a session for every visitor, including
//    ones that never start the OAuth flow
const sessionSettings = {
  secret: process.env.SESSION_SECRET,
  resave: false,
  saveUninitialized: true,
};
app.use(session(sessionSettings));

// passport.session() is registered after the session middleware above.
app.use(passport.initialize());
app.use(passport.session());
// Serializer: the user object is passed to `done` unchanged, so the whole
// object is what gets stored for the session. `req` is declared but unused.
passport.serializeUser((req, user, done) => {
  // NOTE(review): this prints the complete user object to stdout on every
  // serialization; in shared log pipelines, log an identifier instead.
  console.log('serializeUser----user-----', user);
  done(null, user);
});
// Deserializer: the stored object is returned as-is; nothing is re-read or
// re-validated here. `req` is declared but unused.
passport.deserializeUser((req, obj, done) => {
  // NOTE(review): this prints the complete stored object to stdout each time
  // a session is deserialized; log an identifier instead where logs are shared.
  console.log('deserializeUser----obj-----', obj);
  done(null, obj);
});
// Register the Intuit OAuth strategy. Consumer key and secret come from the
// environment and are undefined when the variables are not set.
// NOTE(review): callbackURL is a plain-HTTP localhost address, which only
// suits local development; a deployed service needs its public HTTPS URL here.
const intuitStrategyOptions = {
  consumerKey: process.env.INTUIT_CONSUMER_KEY,
  consumerSecret: process.env.INTUIT_CONSUMER_SECRET,
  callbackURL: `http://localhost:${port}/oauth/callback`,
};

// Verify callback: only `profile` is forwarded to passport. `token` and
// `tokenSecret` are received but not used or stored in this function.
const acceptIntuitProfile = (token, tokenSecret, profile, done) => {
  done(null, profile);
};

passport.use(new IntuitStrategy(intuitStrategyOptions, acceptIntuitProfile));
// GET /oauth/intuit/:token starts the OAuth process.
// The caller authenticates with a JWT carried in the :token path segment; the
// identity found from it is placed in the session before passport redirects.
// `jwt` is not defined in this excerpt.
//
// NOTE(review): a token in the URL path can be recorded in access logs,
// proxies and browser history. Keep it short-lived and limited to starting
// this flow.
// NOTE(review): no `algorithms` allow-list is passed to jwt(). If this is
// express-jwt, pin the expected algorithm(s); newer releases require it.

// Reads the JWT from the route parameter (not from a header or query string).
const readTokenFromRoute = (req) => req.params.token;

// Copies the identity loaded by the auth middleware into the session.
// NOTE(review): the whole req._user record is stored in the session, and the
// existing session is reused rather than regenerated when identity is bound.
const rememberIdentityInSession = (req, res, next) => {
  const { integration_id: integrationId } = req._integration;
  console.log(integrationId);
  req.session.integrationId = integrationId;
  req.session.user = req._user;
  next();
};

app.get(
  '/oauth/intuit/:token',
  jwt({
    secret: process.env.JWT_SECRET,
    getToken: readTokenFromRoute,
  }),
  // per the author: finds the user id from the jwt and loads their DB record
  auth.grabAuthSet,
  // per the author: pulls more data out of the DB
  auth.grabIntegration,
  rememberIdentityInSession,
  passport.authenticate('intuit')
);
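// GET /oauth/callback is where Intuit redirects the user back to this server.
// passport completes the exchange (failures redirect to /oauth/error), then
// merchant.updateMerchantIntegration runs, then the session is destroyed.
app.get(
  '/oauth/callback',
  passport.authenticate('intuit', { failureRedirect: '/oauth/error' }),
  merchant.updateMerchantIntegration,
  (req, res) => {
    // we stored the user's identity in a session, so retrieve it and destroy the session
    // we only needed the session till now
    // todo: using the user's identity from my session and the new oauth token in req.query
    // store the token in their DB record and return.
    // most people would want to actually redirect back to their frontend here...
    req.session.destroy((err) => {
      if (err) {
        // A failed destroy leaves the session, with the identity stored in
        // it, in the session store. Report it instead of dropping the error.
        // The response is unchanged because the preceding middleware has
        // already run by this point.
        console.error('failed to destroy session after oauth callback', err);
      }
      res.status(200).json('done');
    });
  }
);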
// GET /oauth/error is the failureRedirect target of the callback route.
// It responds with HTTP 400 and the JSON string 'error'.
app.get('/oauth/error', (req, res) => {
  // NOTE(review): the start route stores the user record and integration id
  // in the session, so this writes them to stdout on every failed attempt.
  // The session is also left in place on this path; only the success path
  // destroys it.
  console.log(req.session);
  return res.status(400).json('error');
});
// Start the HTTP server and log the address and port it bound to.
// NOTE(review): no host is passed to listen(), so Node binds the unspecified
// address (all interfaces); pass a host argument if only local access is wanted.
const server = app.listen(port, () => {
  const { address: boundAddress, port: boundPort } = server.address();
  console.info('Proxy Gateway listening on http://%s:%s', boundAddress, boundPort);
});

// for testing
module.exports = server;