![sitesucker oauth sitesucker oauth](https://i.ytimg.com/vi/3NmJaRkbqmY/maxresdefault.jpg)
![sitesucker oauth sitesucker oauth](https://img-blog.csdnimg.cn/20190206192722297.jpg)
Possible keys for the object include all supported values for the token request’s grant_type field ( authorization_code, client_credentials, password and refresh_token). If used, this server option must be an object containing properties set to true or false. options.requireClientAuthentication can be used to disable this check for selected grants. If options.allowExtendedTokenAttributes is true any additional properties set on the object returned from Model#saveToken() are copied to the token response sent to the client.īy default all grant types require the client to send it’s client_secret with the token request. Possible errors include but are not limited to: InvalidGrantError: The access token request was invalid or not authorized. Defaults to true for all grant types.Īlways revoke the used refresh token and issue a new one for the refresh_token grant.Ī Promise that resolves to the token object returned from Model#saveToken(). Require a client secret (see remarks section). Lifetime of generated refresh tokens in seconds (default = 2 weeks).Īllow extended attributes to be set on the returned token (see remarks section). Lifetime of generated access tokens in seconds (default = 1 hour). Retrieves a new token for an authorized token request. the user is not logged in) a falsy value should be returned. The authenticateHandler has to be an object implementing a handle(request, response) function that returns a user object. In order to retrieve the user associated with the request, thenticateHandler should be supplied. If equals the string 'false' the access request is denied and the returned promise is rejected with an AccessDeniedError. Possible errors include but are not limited to: AccessDeniedError The resource owner denied the access request (i.e.
SITESUCKER OAUTH CODE
Lifetime of generated implicit grant access token in seconds (default = 1 hr).Ī Promise that resolves to the authorization code object returned from Model#saveAuthorizationCode(). Lifetime of generated authorization codes in seconds (default = 5 minutes). The authenticate handler (see remarks section). 'false' to deny the authorization request (see remarks section). The returned Promise must be ignored if callback is used.Īuthorize(request, response,, ) ¶ Possible errors include but are not limited to: UnauthorizedRequestError: The protected resource request failed authentication. In case of an error, the promise rejects with one of the error types derived from OAuthError. Node-style callback to be used instead of the returned Promise.Ī Promise that resolves to the access token object returned from Model#getAccessToken(). Set the X-OAuth-Scopes HTTP header on response objects.Īllow clients to pass bearer tokens in the query string of a request. Set the X-Accepted-OAuth-Scopes HTTP header on response objects.