Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Support the "Code" Authorization flow

See original GitHub issue

Currently, only the token authorization flow is working, which is fine for front end frameworks, but using nodejs, it is way more secure to use the code authorization flow so that the access token is not exposed to users or browser extensions.

I am guessing two things need to be supported here: the clientSecret parameter and a new method for converting a code to an access token.

Issue Analytics

State:
Created 7 years ago
Reactions:2
Comments:12 (8 by maintainers)

Top GitHub Comments

4reactions

b-durcommented, Nov 11, 2016

I need this functionality as well.

But in the meantime I created an “extension” package that does the trick for me. Maybe it could be useful for others too.

It can be found here: https://www.npmjs.com/package/dropbox-client-oauth2

1reaction

greg-dbcommented, Jun 8, 2020

@fadookie @xeektech The getAccessTokenFromCode method has been updated to support a null redirectUri as of v5.0.0.

Top Results From Across the Web

Authorization Code Flow - Auth0

Because regular web apps are server-side apps where the source code is not publicly exposed, they can use the Authorization Code Flow (defined...

Microsoft identity platform and OAuth 2.0 authorization code flow

The OAuth 2.0 authorization code grant type, or auth code flow, enables a client application to obtain authorized access to protected resources ...

What is the OAuth 2.0 Authorization Code Grant Type?

The Authorization Code Flow · The application opens a browser to send the user to the OAuth server · The user sees the...

OAuth Code Flow | Curity Identity Server

It is split into two parts, the authorization flow that runs in the browser where the client redirects to the OAuth server and...

Guide to Authorization Code Flow for OAuth 2.0

In the Authorization Code flow, the server-side component of the web application can freely manage the user's session upon authenticating with the authorization...