Skip to content

Latest commit

 

History

History
70 lines (49 loc) · 1.72 KB

File metadata and controls

70 lines (49 loc) · 1.72 KB

Authorize URI Extension

Generate Authorize URI.

Install

yarn add @rc-ex/authorize-uri

Usage

import RingCentral from '@rc-ex/core';
import AuthorizeUriExtension from '@rc-ex/authorize-uri';

const rc = new RingCentral(...);
const authorizeUriExtension = new AuthorizeUriExtension();
await rc.installExtension(authorizeUriExtension);
const authorizeUri = authorizeUriExtension.buildUri({
  state: 'hello',
  redirect_uri: 'https://example.com',
});

For a working sample, please check this test case.

PKCE

Ref: https://medium.com/ringcentral-developers/use-authorization-code-pkce-for-ringcentral-api-in-client-app-e9108f04b5f0

First and foremost, you should not specify client secret in your project, that's the whole point of PKCE.

Secondly, specify code_challenge_method: 'S256':

const authorizeUri = authorizeUriExtension.buildUri({
  state: 'hello',
  redirect_uri: 'https://example.com',
  code_challenge_method: 'S256',
});

And you should save the codeVerifier:

const codeVerifier = authorizeUriExtension.codeVerifier;

You may need to persist codeVerifier in case browser web page refreshes.

And when you make the authorize API call, remember to specify code_verifier:

await rc.authorize({
  code: '...',
  redirect_uri: '...',
  code_verifier: codeVerifier,
});

PKCE demo

Base Authorization URI

Optionally, you can specify baseAuthorizationUri as parameter to the constructor of this extension. If it's not specified, ${rc.rest.server}/restapi/oauth/authorize is used as baseAuthorizationUri.