zoho-oauth-js-lib
v1.0.1
Published
Zoho OAuth Generation Library for Node Apps
Downloads
2
Readme
Zoho-OAuth-JS-Lib
Zoho OAuth Library for Node Apps
This is a simple OAuth helper lib for easily generating server based oauth generation for Node js apps.
Please refer the below page for managing OAuth for Zoho. https://www.zoho.com/mail/help/api/using-oauth-2.html
Steps to use the lib functions:
- First thing we need to do is set up the OAuthConnector using config json. The structure of config json is as follows
{
"client_id" : "Your Client Id",
"client_secret" : "Your Client Secret",
"scopes" : [
"Your scopes as Array"
],
redirect_uri : "Your redirect url configured while client generation"
}
- Then, we need to redirect the user for login and authorization page of zoho accounts. The url for the authorzation step can be generated by the function OAuthConnector :: getAuthorizationUrl. The inputs for this function are
- accessType - Should be offline or online. Values can be refered from ZohoOAuthEnum (Refer https://www.zoho.com/mail/help/api/using-oauth-2.html for more info)
- promptUser - A boolean value. Specifies if the user needs to asked consent for each login
- state - A state variable (A generated value that correlates the callback with its associated authorization request)
We need to redirect the user to this authorization url. For eg., we can show a button like "Access your Zoho Data" and bind this link to that button. Once the user clicks it, Zoho Accounts will take care of authorisation and will redirect to the redirect uri given in client creation step.
Once Zoho Accounts redirects to the redirect uri with code, we can use the function OAuthConnector :: getCodeFromRedirectedUrl to get the code.
Then, we can generate the access token and refresh token using the function, OAuthConnector :: getAccessTokenAndRefreshToken. The inputs to this function are
- code - Code generated after step 2
- state - A state variable This will give the generated token info in the following json schema
{ expires_in : '2021-07-17T09:20:25.190Z' token_type : 'bearer' access_token : 'access token generated' refresh_token : 'refresh token generated' }
This json can be persisted as it is. Moving forward, this json will be refered as tokenInfo. We will need this info while generating another access token once current token expires.
- As we know, the validity of the access token is short and it expires eventually. If we are persisting this and using it later, we can use the function OAuthConnector :: getValidTokenInfo for validating and generating fresh access token if and only if it is expired. The input to this function is the tokenInfo json as given above and the result will be json in the following format.
{ isValid : false, tokenInfo : { expires_in : '2021-07-17T09:20:25.190Z' token_type : 'bearer' access_token : 'access token generated' refresh_token : 'refresh token generated' } }
isValid represents that if the tokenInfo given is not expired. If it is false, the token has expired and a new token has been generated. If we are persisting, we can use this variable to determine, if we need to again persist the token info.