Skip to content

Files

Latest commit

jackshen310shenxiaojie.316
jackshen310
and
shenxiaojie.316
feat: add realtime-quickstart-react 、realtime-quickstart-vue & quicks…
Feb 11, 2025
397e4c1 · Feb 11, 2025

History

History

quickstart-oauth-server

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
config
config
Feb 11, 2025
scripts
scripts
Feb 11, 2025
src
src
Feb 11, 2025
.gitignore
.gitignore
Feb 11, 2025
README.md
README.md
Feb 11, 2025
README.zh-CN.md
README.zh-CN.md
Feb 11, 2025
eslint.config.cjs
eslint.config.cjs
Feb 11, 2025
package.json
package.json
Feb 11, 2025
tsconfig.json
tsconfig.json
Feb 11, 2025

README.md

Coze OAuth Server Quickstart

【中文版】README.zh-CN.md

This is a sample OAuth server implementation demonstrating different OAuth authentication flows for Coze API integration. It includes examples for Device Code Flow, JWT Authentication, PKCE Flow, and Web OAuth Flow.

Features

  • Device Code Flow (/device-oauth)
  • JWT Authentication (/jwt-oauth)
  • PKCE Flow (/pkce-oauth)
  • Web OAuth Flow (/web-oauth)

Prerequisites

  • Node.js (v16 or higher)
  • npm or yarn
  • Coze Developer Account and API credentials

Setup

  1. Clone the repository
  2. Install dependencies:
npm run run-preinstall
npm install
  1. Configure OAuth credentials:
    • Navigate to each OAuth flow directory under src/
    • Update the corresponding coze_oauth_config.json with your credentials:
      • Device OAuth: src/device-oauth/coze_oauth_config.json
      • JWT OAuth: src/jwt-oauth/coze_oauth_config.json
      • PKCE OAuth: src/pkce-oauth/coze_oauth_config.json
      • Web OAuth: src/web-oauth/coze_oauth_config.json

Running the Servers

Each OAuth flow runs on a different port. You can start them individually:

# Device OAuth Server (Port 3002)
npm run start-device

# JWT OAuth Server (Port 3001)
npm run start-jwt

# PKCE OAuth Server (Port 3003)
npm run start-pkce

# Web OAuth Server (Port 3004)
npm run start-web

API Endpoints

Device OAuth Flow (Port 3002)

  • GET /get_device_code - Get device code
  • POST /get_device_token - Get access token using device code
  • POST /refresh_device_token - Refresh access token

JWT OAuth Flow (Port 3001)

  • POST /get_jwt_token - Get JWT access token

PKCE OAuth Flow (Port 3003)

  • GET /pkce_login - Initiate PKCE login flow
  • POST /get_pkce_token - Exchange authorization code for access token
  • POST /refresh_pkce_token - Refresh access token

Web OAuth Flow (Port 3004)

  • GET /web_login - Initiate web OAuth flow
  • POST /get_web_token - Exchange authorization code for access token
  • POST /refresh_web_token - Refresh access token

Configuration Files

Each OAuth flow requires its own configuration file. Here's what you need to set up:

Device OAuth Config

{
  "client_id": "YOUR_CLIENT_ID",
  "coze_api_base": "https://api.coze.cn"
}

JWT OAuth Config

{
  "client_id": "YOUR_CLIENT_ID",
  "public_key_id": "YOUR_PUBLIC_KEY_ID",
  "private_key": "YOUR_PRIVATE_KEY",
  "coze_api_base": "https://api.coze.cn"
}

PKCE OAuth Config

{
  "client_id": "YOUR_CLIENT_ID",
  "coze_api_base": "https://api.coze.cn"
}

Web OAuth Config

{
  "client_id": "YOUR_CLIENT_ID",
  "client_secret": "YOUR_CLIENT_SECRET",
  "coze_api_base": "https://api.coze.cn"
}

Security Notes

  • Never commit your actual OAuth credentials to version control
  • Keep your client secrets and private keys secure
  • Use environment variables for sensitive information in production

License

ISC

Support

For support, please refer to the Coze API documentation or contact the Coze developer support team.