Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

ebay-oauth-nodejs-client

Package Overview
Dependencies
Maintainers
2
Versions
5
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

ebay-oauth-nodejs-client

Get oauth2 token for ebay developer application

  • 1.2.2
  • latest
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
6.6K
increased by7.91%
Maintainers
2
Weekly downloads
 
Created
Source

Ebay Oauth Client

This code allows developers to fetch an OAuth token that can be used to call the eBay Developer REST APIs. The code is intended for use with Node.js.

npm version Build Status

Table of Contents

What is OAuth

OAuth 2.0 is the most widely used standard for authentication and authorization for API based access. The complete end to end documentation on how eBay OAuth functions may be used is available at developer.ebay.com. See: https://developer.ebay.com/api-docs/static/oauth-tokens.html

Installation

Using npm:

npm install ebay-oauth-nodejs-client

Using yarn:

yarn add ebay-oauth-nodejs-client

Usage

EbayAuthToken(config)

Create a new instance of EbayAuthToken with a relevant config.

const EbayAuthToken = require('ebay-oauth-nodejs-client');

const ebayAuthToken = new EbayAuthToken({
    clientId: '<your_client_id>',
    clientSecret: '<your_client_secret>',
    redirectUri: '<redirect uri>'
});
ebayAuthToken.getApplicationToken(environment)

Generate client credential token.

(async () => {
    const token = await ebayAuthToken.getApplicationToken('PRODUCTION');
    console.log(token);
})();
ebayAuthToken.generateUserAuthorizationUrl(environment, scopes[, options])

Generate user consent authorization url.

(() => {
    const authUrl = ebayAuthToken.generateUserAuthorizationUrl('PRODUCTION', scopes);
    console.log(authUrl);
})();

You can also provide optional values:
state: An opaque value used by the client to maintain state between the request and callback.
prompt: Force a user to log in when you redirect them to the Grant Application Access page, even if they already have an existing user session.

The method call above could also be done as

(() => {
    const options = { state: 'custom-state-value', prompt: 'login' };
    const authUrl = ebayAuthToken.generateUserAuthorizationUrl('PRODUCTION', scopes, options);
    console.log(authUrl);
})();
ebayAuthToken.exchangeCodeForAccessToken(environment, code)

Getting a User access token.

(async () => {
    const accessToken = await ebayAuthToken.exchangeCodeForAccessToken('PRODUCTION', code);
    console.log(accessToken);
})();
ebayAuthToken.getAccessToken(environment, refreshToken, scopes)

Using a refresh token to update a User access token (Updating the expired access token).

(async () => {
    const accessToken = await ebayAuthToken.getAccessToken('PRODUCTION', refreshToken, scopes);
    console.log(accessToken);
})();

Library Setup and getting started

  1. Invoke the oauth ebay library as given below
const EbayAuthToken = require('ebay-oauth-nodejs-client');
const ebayAuthToken = new EbayAuthToken({
    filePath: 'demo/eBayJson.json' // input file path.
})

OR

const ebayAuthToken = new EbayAuthToken({
    clientId: '<your_client_id>',
    clientSecret: '<your_client_secret>',
    redirectUri: '<redirect_uri_name>'
});
  1. If you want to get your application credentials such as AppId, DevId, and CertId. Refer to Creating eBay Developer Account for details on how to get these credentials.
  2. You can refer to example.js for an example of how to use credentials.
  3. For Authorization code grant
    1. Get User consent url using ebayAuthToken.generateUserAuthorizationUrl()
    2. Open the generateUserAuthorizationUrl in the browser, which allows you to login in to ebay site. You will get a authorization code, or if you are using express, use res.direct(generateUserAuthorizationUrl);
    3. Pass the authorization code retrieved in the above step to exchangeCodeForAccessToken method using ebayAuthToken.exchangeCodeForAccessToken(environment, code)

Configure credentials

Create a config JSON file in your application. The config file should contain your eBay applications keys: App Id, Cert Id & Dev Id. A sample config file is available at demo/ebay-config-sample.json. Learn more about creating application keys.

{
    "SANDBOX": {
        "clientId": "---Client Id---",
        "clientSecret": "--- client secret---",
        "devid": "-- dev id ---",
        "redirectUri": "-- redirect uri ---",
        "baseUrl": "api.sandbox.ebay.com" //don't change these values
    },
    "PRODUCTION": {
        "clientId": "---Client Id---",
        "clientSecret": "--- client secret---",
        "devid": "-- dev id ---",
        "redirectUri": "-- redirect uri ---",
        "baseUrl": "api.ebay.com" //don't change these values
    }
}

Types of Tokens

There are mainly two types of tokens in usage.

Application Token

An application token contains an application identity which is generated using client_credentials grant type. These application tokens are useful for interaction with application specific APIs such as usage statistics etc.,

User Token

A user token (access token or refresh token) contains a user identity and the application’s identity. This is usually generated using the authorization_code grant type or the refresh_token grant type.

Supported Grant Types for OAuth

All of the regular OAuth 2.0 specifications such as client_credentials, authorization_code, and refresh_token are supported. Refer to eBay Developer Portal

Client Credentials

This grant type can be performed by simply using ebayAuthToken.getApplicationToken(). Read more about this grant type at oauth-client-credentials-grant.

Authorization Code

This grant type can be performed by a two step process. Call ebayAuthToken.generateUserAuthorizationUrl(environment, scopes, state) to get the Authorization URL to redirect the user to. Once the user authenticates and approves the consent, the callback needs to be captured by the redirect URL setup by the app and then call ebayAuthToken.exchangeCodeForAccessToken(environment, code) to get the refresh and access tokens.

Read more about this grant type at oauth-authorization-code-grant.

Refresh Token

This grant type can be performed by simply using ebayAuthToken.getAccessToken(environment, refreshToken, scopes). Usually access tokens are short lived and if the access token is expired, the caller can use the refresh token to generate a new access token. Read more about it at Using a refresh token to update a user access token

Questions/problems?

you've found an bug/issue, please file it on GitHub.

References

  1. https://developer.ebay.com/api-docs/static/oauth-tokens.html

  2. https://developer.ebay.com/api-docs/static/oauth-quick-ref-user-tokens.html

  3. https://developer.ebay.com/api-docs/static/oauth-gen-app-token.html

  4. https://developer.ebay.com/my/keys

License

Copyright (c) 2019 eBay Inc.

Use of this source code is governed by a Apache-2.0 license that can be found in the LICENSE file or at https://opensource.org/licenses/Apache-2.0.

Keywords

FAQs

Package last updated on 13 Sep 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc