Add example oauth server

ConvertKit · Sep 9, 2024 · d364535 · d364535
1 parent f7540ec
commit d364535
Show file tree

Hide file tree

Showing 8 changed files with 923 additions and 0 deletions.
diff --git a/oauth-express/.gitignore b/oauth-express/.gitignore
@@ -0,0 +1,3 @@
+node_modules
+.env
+*.pem
diff --git a/oauth-express/.node-version b/oauth-express/.node-version
@@ -0,0 +1 @@
+v22.1.0
diff --git a/oauth-express/README.md b/oauth-express/README.md
@@ -0,0 +1,46 @@
+# Example OAuth Express Server
+
+> This directory contains an example express server for demonstrating authenticating with Kit with OAuth for use in the V4 API.
+
+## Usage
+
+1. First you must create your app inside the Kit Developer Settings
+
+2. Then configure API Access:
+
+  Authorization URL: https://localhost:8080/oauth/kit
+  Redirect URI: https://localhost:8080/oauth/kit/callback
+
+3. Create `.env` file and add the client ID and secret from the Developer Settings:
+
+  KIT_OAUTH_CLIENT_ID="FILL ME IN"
+  KIT_OAUTH_CLIENT_SECRET="FILL ME IN"
+
+4. Install dependencies
+
+  npm install
+
+5. Generate TLS certificate
+
+  mkcert example.com "*.example.com" example.test localhost 127.0.0.1 ::1
+
+ Place cert in `example.com.pem` & `example.com-key.pem`
+
+6. Start server
+
+  npm start
+
+  > [email protected] start
+  > node --env-file .env index.js
+
+  Kit OAuth Configuration {
+  authorizationURL: 'https://app.convertkit.com/oauth/authorize',
+  tokenURL: 'https://app.convertkit.com/oauth/token',
+  clientID: '*******************************************',
+  clientSecret: '*******************************************',
+  callbackURL: 'https://localhost:8080/oauth/kit/callback'
+  }
+  Listening on :8080
+
+7. From here, clicking the "Install" button in the app directory will initiate the OAuth
+ flow by first going to your configured Authorization URL
diff --git a/oauth-express/config.js b/oauth-express/config.js
@@ -0,0 +1,16 @@
+const fs = require("fs");
+const path = require("path");
+
+const SCHEME = process.env.SCHEME || "https";
+const HOST = process.env.HOST || "localhost";
+const PORT = Number.parseInt(process.env.PORT || "8080");
+const HTTPS_KEY = fs.readFileSync(path.join(__dirname, "example.com-key.pem"));
+const HTTPS_CERT = fs.readFileSync(path.join(__dirname, "example.com.pem"));
+
+module.exports = {
+ SCHEME,
+ HOST,
+ PORT,
+ HTTPS_CERT,
+ HTTPS_KEY,
+};
diff --git a/oauth-express/index.js b/oauth-express/index.js
@@ -0,0 +1,22 @@
+const https = require("https");
+const express = require("express");
+const passport = require("passport");
+
+const { HOST, PORT, HTTPS_KEY, HTTPS_CERT } = require("./config");
+const KitOAuth = require("./kit-oauth");
+
+const app = express();
+const server = https.createServer({ key: HTTPS_KEY, cert: HTTPS_CERT }, app);
+
+passport.use(KitOAuth);
+app.get("/oauth/kit", passport.authenticate("oauth2"));
+app.get(
+ "/oauth/kit/callback",
+ passport.authenticate("oauth2", {
+ session: false,
+ failureRedirect: "/login",
+ }),
+ (req, res) => res.redirect(KitOAuth.KIT_OAUTH_INSTALL_REDIRECT)
+);
+
+server.listen(PORT, HOST, () => console.log(`Listening on :${PORT}`));
diff --git a/oauth-express/kit-oauth.js b/oauth-express/kit-oauth.js
@@ -0,0 +1,51 @@
+const { Strategy: OAuth2Strategy } = require("passport-oauth2");
+const { SCHEME, HOST, PORT } = require("./config");
+
+const KIT_SERVER = process.env.KIT_SERVER || "convertkit.com";
+const KIT_OAUTH_CLIENT_ID = process.env.KIT_OAUTH_CLIENT_ID || "FILL ME IN";
+const KIT_OAUTH_CLIENT_SECRET =
+ process.env.KIT_OAUTH_CLIENT_SECRET || "FILL ME IN";
+const KIT_OAUTH_AUTHORIZATION_URL = `https://app.${KIT_SERVER}/oauth/authorize`;
+const KIT_OAUTH_TOKEN_URL = `https://app.${KIT_SERVER}/oauth/token`;
+const KIT_OAUTH_CALLBACK_URL = `${SCHEME}://${HOST}:${PORT}/oauth/kit/callback`;
+const KIT_OAUTH_INSTALL_REDIRECT = `https://app.${KIT_SERVER}/apps?success=true`;
+
+OAuth2Strategy.prototype.userProfile = function (accessToken, done) {
+ this._oauth2.get(
+ `https://api.${KIT_SERVER}/v4/account`,
+ accessToken,
+ (err, body, res) => {
+ if (err) {
+ return done(new Error("Failed to fetch user profile"));
+ }
+ const json = JSON.parse(body);
+ done(null, json);
+ }
+ );
+};
+
+const oauthConfiguration = {
+ authorizationURL: KIT_OAUTH_AUTHORIZATION_URL,
+ tokenURL: KIT_OAUTH_TOKEN_URL,
+ clientID: KIT_OAUTH_CLIENT_ID,
+ clientSecret: KIT_OAUTH_CLIENT_SECRET,
+ callbackURL: KIT_OAUTH_CALLBACK_URL,
+};
+const KitOAuth = new OAuth2Strategy(
+ oauthConfiguration,
+ (accessToken, refreshToken, profile, cb) => {
+ // Find or create user in database
+ const user = {
+ kitId: profile.account.id,
+ kitAccessToken: accessToken,
+ kitRefreshToken: refreshToken,
+ };
+ console.log("Authenticated Kit user", { user, profile });
+ return cb(null, user);
+ }
+);
+
+console.log("Kit OAuth Configuration", oauthConfiguration);
+
+module.exports = KitOAuth;
+module.exports.KIT_OAUTH_INSTALL_REDIRECT = KIT_OAUTH_INSTALL_REDIRECT;