Develop Reference

How should I handle my response from the error on NODEJS?

I am trying to use a username and password to login in website and get the session token.
The username and password actually works and it logins in the system but the problem is that the session token shows inside the error response.
Is it a good idea to parse the error and get session token?
Why its shown inside the error?
Here is the code:
const rp = require('request-promise')
const options = {
method: 'POST',
uri: 'https://superset.simurgbilisim.com/login/',
json: true,
form: {
username: 'test',
password: 'test'
}
};
rp(options)
.then(function(body) {
console.log(body);
})
.catch(function(err) {
console.log(err);
});

Get oauth2.0 Access token with NodeJS

I'm having trouble getting an access token using node.
I can do it with Postman, but it expires when I restart my computer.
This is the code I made, reading some confusing documentation on the internet.
const axios = require('axios');
const config = {
url: 'https://aurl.com/connect/token',
method: 'get',
client_id: 'CLIENT_ID',
client_secret: 'CLIENT_SECRET',
username: 'email#mail.com.br',
password: '1234',
scope: 'scope',
grant_type: 'password_credentials'
};
axios(config)
.then(function (response) {
console.log(response.data);
})
.catch(function (error) {
console.log(error);
});
I'm not an experienced programmer, I need help. ://

Perform http request with nodeJS (OAuth2)

I'm have to call an API that use OAuth2 with Client Credentials.
I'm having some trouble to do it...
This is the code I produce (using request package) :
const credentials = {
client: {
id: 'MY_ID',
secret: 'My_PASSWORD'
},
auth: {
tokenHost: 'DOMAIN',
tokenPath: 'PATH',
scope: '',
grantType: "client_credentials"
}
};
var options = {
method: 'POST',
url: credentials.auth.tokenHost + credentials.auth.tokenPath,
headers: { 'content-type': 'application/json' },
body: {
grant_type: credentials.auth.grantType,
client_id: credentials.client.id,
client_secret: credentials.client.secret
},
json: true
};
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
I have this error :
{ error: 'invalid_request',
error_description: 'Missing form parameter: grant_type' }
Maybe I'm missing something.
It would be very nice of you if you can help me to figure it out :)
PS : It works on Postman so my values are correct.

23andMe API error: 'No grant_type provided.' 'invalid_request' OAuth2

I'm authenticating with the 23andMe API with OAuth 2. I'm able to receive the code after the user grants access. I'm currently trying to send a post request to receive the access token. I continue to receive this error:
data:
{ error_description: 'No grant_type provided.',
error: 'invalid_request' } }
I am using the axios package to make my post request. There is an error in my request because I got a successful 200 response and access token when I cuRL:
curl https://api.23andme.com/token/
-d client_id='zzz' \
-d client_secret='zzz' \
-d grant_type='authorization_code' \
-d code=zzz \
-d "redirect_uri=http://localhost:3000/receive_code/"
-d "scope=basic%20rszzz"
I'm able to receive the authorization code from the 23andMe server. I'm then redirected to my application. Here's my GET route:
router.get('/receive_code', function(req, res) {
axios.post('https://api.23andme.com/token/', {
client_id: zzz,
client_secret: zzz,
grant_type: 'authorization_code',
code: req.query.code,
redirect_uri: 'http://localhost:3000/receive_code/',
scope: "basic%20rs3094315"
}).then(function (response) {
console.log(response);
}).catch(function (error) {
console.log(error);
});
});
Any thoughts?

The problem is the form key you've placed in your payload. It should work like this:
axios.post('https://api.23andme.com/token/', {
client_id: zzz,
client_secret: zzz,
grant_type: 'authorization_code',
code: req.query.code
redirect_uri: 'http://localhost:3000/receive_code/',
scope: "basic%20rs3094315"
}).then(function (response) {
console.log(response);
}).catch(function (error) {
console.log(error);
});

I was able to solve the problem by using the simple-oauth2 npm package.
It can be found here: https://www.npmjs.com/package/simple-oauth2#express-and-github-example
// **********23ANDME OAUTH2************
var oauth2 = require('simple-oauth2')({
clientID: 'zzz',
clientSecret: 'zzz',
site: 'https://api.23andme.com',
tokenPath: '/token',
authorizationPath: '/authorize'
});
var authorization_uri = oauth2.authCode.authorizeURL({
redirect_uri: 'http://localhost:3000/receive_code/',
scope: 'basic analyses rs1234567',
state: 'jenvuece2a'
});
// *************************************
// In you view, place "/auth" in your <a> e.g. Click Me
router.get('/auth', function (req, res) {
res.redirect(authorization_uri);
});
router.get('/receive_code', function(req, res) {
var code = req.query.code;
if (!code) {
res.send('Error!!')
} else {
console.log('running');
oauth2.authCode.getToken({
code: code,
redirect_uri: 'http://localhost:3000/receive_code/'
}, saveToken);
function saveToken(error, result) {
if (error) {
console.log('Access Token Error', error.message);
} else {
token = oauth2.accessToken.create(result);
console.log(token);
}
};
res.render('/genetic_report', {layout: 'dash'});
}
});

hapijs-lab: Test a route with a valid session

In my hapijs app I have few routes which require a session, uses hapi-auth-cookie plugin for auth strategy. I want to add few tests (via Lab ) for these routes.
I couldn't find any documentation on how I can setup a test (maybe via before ?) for this scenario. Any help is appreciated. Thanks in advance.

If you only need an authenticated user, just assign the user to the credentials property in tests:
var user = { ... };
server.inject({ method: 'GET', url: '/', credentials: user }, function (res) {
console.log(res.result);
});
Here is an example that demonstrates it:
var Bcrypt = require('bcrypt');
var Hapi = require('hapi');
var HapiAuthCookie = require('hapi-auth-cookie');
var server = new Hapi.Server();
server.connection({ port: 3000 });
var users = {
john: {
username: 'john',
password: '$2a$10$iqJSHD.BGr0E2IxQwYgJmeP3NvhPrXAeLSaGCj6IR/XU5QtjVu5Tm',
name: 'John Doe',
id: '2133d32a'
}
};
var validate = function (request, username, password, callback) {
var user = users[username];
if (!user) {
return callback(null, false);
}
Bcrypt.compare(password, user.password, function (err, isValid) {
callback(err, isValid, { id: user.id, name: user.name });
});
};
server.register(HapiAuthCookie, function (err) {
server.auth.strategy('session', 'cookie', {
password: 'secret',
validateFunc: validate
});
server.route({
method: 'GET',
path: '/',
config: {
auth: 'session',
handler: function (request, reply) {
reply('hello, ' + request.auth.credentials.name);
}
}
});
server.inject({ method: 'GET', url: '/', credentials: users.john }, function (res) {
console.log(res.result);
});
});
Large part of the example was taken from the Authentication Tutorial.

For my need for session during testing, I created hapi-session-inject. Usage is as follows
const server = new Hapi.Server();
const session = new Session(server);
// Callback interface
session.inject('/', (res) => {
...
});
// Promise interface
return session.inject('/').then((res) => {
...
});
Hope it helps.