Merge pull request #1 from Frameio/bc-pkce

Add PKCE Example

Author: bceskavich

README.md

@@ -6,9 +6,11 @@
 $ npm install
 ```
 
-## Usage
+## Usage: index.js
 
-Edit the following values in `index.js` to match your OAuth app configuration.
+This example demonstrates a basic client using the Authorization Code grant flow.
+
+Edit the following values in `index.js` to match your OAuth App configuration.
 
  - `clientID`
  - `clientSecret`
@@ -22,3 +24,21 @@ $ node index.js
 ```
 
 The application will be available at `http://localhost:5050`.
+
+## Usage: pkce.js
+
+This example demonstrates a basic client using the Authorization Code grant flow with [Proof Key for Code Exchange (PKCE)](https://oauth.net/2/pkce/).
+
+Edit the following values in `index.js` to match your OAuth App configuration.
+
+ - `clientID`
+ - `callbackURL`
+ - `scopes`
+
+Next, run the application.
+
+```
+$ node pkce.js
+```
+
+The application will be available at `http://localhost:5050`.

index.js

@@ -1,13 +1,17 @@
 const express = require('express');
 const session = require('express-session');
 const bodyParser = require('body-parser');
+
 const app = express();
 const port = 5050;
 
-const clientID = '<CLIENT_ID>';
-const clientSecret = '<CLIENT_SECRET>';
-const callbackURL = '<CALLBACK_URL>';
-const scopes = ['account.read'];
+const clientID = '<YOUR-CLIENT-ID>';
+const clientSecret = '<YOUR-CLIENT-SECRET>';
+const callbackURL = 'http://localhost:5050/callback';
+
+// NOTE: Replace this list of scope strings with whichever you'd like the demo
+// app to request consent.
+const scopes = 'offline account.read asset.create';
 
 const credentials = {
   client: {
@@ -51,6 +55,7 @@ app.get('/callback', async (req, res) => {
     const token = oauth2.accessToken.create(result);
     return res.status(200).json(token)
   } catch (error) {
+    console.error(error);
     return res.status(500).json('Authentication failed');
   }
 })