Add example oauth server

Kit · Sep 9, 2024 · d364535 · d364535
1 parent f7540ec
commit d364535
Show file tree

Hide file tree

Showing 8 changed files with 923 additions and 0 deletions.
diff --git a/oauth-express/.gitignore b/oauth-express/.gitignore
@@ -0,0 +1,3 @@
+node_modules
+.env
+*.pem
diff --git a/oauth-express/.node-version b/oauth-express/.node-version
@@ -0,0 +1 @@
+v22.1.0
diff --git a/oauth-express/README.md b/oauth-express/README.md
@@ -0,0 +1,46 @@
+# Example OAuth Express Server
+
+> This directory contains an example express server for demonstrating authenticating with Kit with OAuth for use in the V4 API.
+
+## Usage
+
+1. First you must create your app inside the Kit Developer Settings
+
+2. Then configure API Access:
+
+        Authorization URL: https://localhost:8080/oauth/kit
+             Redirect URI: https://localhost:8080/oauth/kit/callback
+
+3. Create `.env` file and add the client ID and secret from the Developer Settings:
+
+        KIT_OAUTH_CLIENT_ID="FILL ME IN"
+        KIT_OAUTH_CLIENT_SECRET="FILL ME IN"
+
+4. Install dependencies
+
+        npm install
+
+5. Generate TLS certificate
+
+        mkcert example.com "*.example.com" example.test localhost 127.0.0.1 ::1
+
+    Place cert in `example.com.pem` & `example.com-key.pem`
+
+6. Start server
+
+        npm start
+
+        > [email protected] start
+        > node --env-file .env index.js
+
+        Kit OAuth Configuration {
+          authorizationURL: 'https://app.convertkit.com/oauth/authorize',
+          tokenURL: 'https://app.convertkit.com/oauth/token',
+          clientID: '*******************************************',
+          clientSecret: '*******************************************',
+          callbackURL: 'https://localhost:8080/oauth/kit/callback'
+        }
+        Listening on :8080
+
+7. From here, clicking the "Install" button in the app directory will initiate the OAuth
+   flow by first going to your configured Authorization URL
diff --git a/oauth-express/config.js b/oauth-express/config.js
@@ -0,0 +1,16 @@
+const fs = require("fs");
+const path = require("path");
+
+const SCHEME = process.env.SCHEME || "https";
+const HOST = process.env.HOST || "localhost";
+const PORT = Number.parseInt(process.env.PORT || "8080");
+const HTTPS_KEY = fs.readFileSync(path.join(__dirname, "example.com-key.pem"));
+const HTTPS_CERT = fs.readFileSync(path.join(__dirname, "example.com.pem"));
+
+module.exports = {
+  SCHEME,
+  HOST,
+  PORT,
+  HTTPS_CERT,
+  HTTPS_KEY,
+};
diff --git a/oauth-express/index.js b/oauth-express/index.js
@@ -0,0 +1,22 @@
+const https = require("https");
+const express = require("express");
+const passport = require("passport");
+
+const { HOST, PORT, HTTPS_KEY, HTTPS_CERT } = require("./config");
+const KitOAuth = require("./kit-oauth");
+
+const app = express();
+const server = https.createServer({ key: HTTPS_KEY, cert: HTTPS_CERT }, app);
+
+passport.use(KitOAuth);
+app.get("/oauth/kit", passport.authenticate("oauth2"));
+app.get(
+  "/oauth/kit/callback",
+  passport.authenticate("oauth2", {
+    session: false,
+    failureRedirect: "/login",
+  }),
+  (req, res) => res.redirect(KitOAuth.KIT_OAUTH_INSTALL_REDIRECT)
+);
+
+server.listen(PORT, HOST, () => console.log(`Listening on :${PORT}`));
diff --git a/oauth-express/kit-oauth.js b/oauth-express/kit-oauth.js
@@ -0,0 +1,51 @@
+const { Strategy: OAuth2Strategy } = require("passport-oauth2");
+const { SCHEME, HOST, PORT } = require("./config");
+
+const KIT_SERVER = process.env.KIT_SERVER || "convertkit.com";
+const KIT_OAUTH_CLIENT_ID = process.env.KIT_OAUTH_CLIENT_ID || "FILL ME IN";
+const KIT_OAUTH_CLIENT_SECRET =
+  process.env.KIT_OAUTH_CLIENT_SECRET || "FILL ME IN";
+const KIT_OAUTH_AUTHORIZATION_URL = `https://app.${KIT_SERVER}/oauth/authorize`;
+const KIT_OAUTH_TOKEN_URL = `https://app.${KIT_SERVER}/oauth/token`;
+const KIT_OAUTH_CALLBACK_URL = `${SCHEME}://${HOST}:${PORT}/oauth/kit/callback`;
+const KIT_OAUTH_INSTALL_REDIRECT = `https://app.${KIT_SERVER}/apps?success=true`;
+
+OAuth2Strategy.prototype.userProfile = function (accessToken, done) {
+  this._oauth2.get(
+    `https://api.${KIT_SERVER}/v4/account`,
+    accessToken,
+    (err, body, res) => {
+      if (err) {
+        return done(new Error("Failed to fetch user profile"));
+      }
+      const json = JSON.parse(body);
+      done(null, json);
+    }
+  );
+};
+
+const oauthConfiguration = {
+  authorizationURL: KIT_OAUTH_AUTHORIZATION_URL,
+  tokenURL: KIT_OAUTH_TOKEN_URL,
+  clientID: KIT_OAUTH_CLIENT_ID,
+  clientSecret: KIT_OAUTH_CLIENT_SECRET,
+  callbackURL: KIT_OAUTH_CALLBACK_URL,
+};
+const KitOAuth = new OAuth2Strategy(
+  oauthConfiguration,
+  (accessToken, refreshToken, profile, cb) => {
+    // Find or create user in database
+    const user = {
+      kitId: profile.account.id,
+      kitAccessToken: accessToken,
+      kitRefreshToken: refreshToken,
+    };
+    console.log("Authenticated Kit user", { user, profile });
+    return cb(null, user);
+  }
+);
+
+console.log("Kit OAuth Configuration", oauthConfiguration);
+
+module.exports = KitOAuth;
+module.exports.KIT_OAUTH_INSTALL_REDIRECT = KIT_OAUTH_INSTALL_REDIRECT;