Hi Alex, Did you had a look at https://www.npmjs.com/package/express-hawkauth#how-are-the-shared-credentials-shared ?
It is the way to derive the Hawk-Session-Token as hawk credentials. Also you can use the hawk module to build your Hawk headers. https://www.npmjs.com/package/hawk Regards, Rémy Le 15/04/2015 13:08, Oleksandr Kyetov a écrit : > Hi, Firefox Team, > > I hate being annoying, any information on the e-mail below will be > really helpful, as I tried everything what I could come up with > > Thank you in advance, > Alex K. > > On Wed, Apr 8, 2015 at 10:15 PM, Oleksandr Kyetov > <[email protected] <mailto:[email protected]>> wrote: > > Guys, thatns you for response, > > It really helped me a lot, and I let myself play a little with: > https://github.com/mozilla/fxa-oauth-server > https://github.com/mozilla/fxa-auth-server > > But, unfortunately it is not quite what I need > > My context is next: > 1) There is no client UI at all > 2) I have Firefox Account credentials stored in the backend > 3) Backend written via NodeJS > > The flow is next: > 1) Something call backend server; > 2) fxa-auth-server > endpoint > https://github.com/mozilla/fxa-auth-server/blob/master/docs/api.md#post-v1accountlogin > called, > which returns session token > 3) Hawk credentials is derived from session token received in step 2) > > What I can do using Hawk credentials from step 3): > 4a) > Call > https://github.com/mozilla/fxa-auth-server/blob/master/docs/api.md#get-v1sessionstatus > to > get session status > 5b) > Call > https://github.com/mozilla/fxa-auth-server/blob/master/docs/api.md#post-v1sessiondestroy > to > destroy session > > What I want be able to do using Hawk credentials from step 3) > 4b) > Call https://docs.services.mozilla.com/loop/apis.html#post-call-url to > get call url > But the only thing I receive from Loop Server: > { > "code": 401, > "errno": 110, > "error": { > "statusCode": 401, > "error": "Unauthorized", > "message": "Unknown credentials" > } > } > > So I here are more concrete questions: > - is it even possible to > call https://docs.services.mozilla.com/loop/apis.html#post-call-url with > hawk credentials derived from session token recieved > from > https://github.com/mozilla/fxa-auth-server/blob/master/docs/api.md#post-v1accountlogin? > - if it is possible - what I am doing wrong? > - if it is not possible - what are other ways? (except FxA OAuth) > > P.S. I create test application to give an idea what I am > doing: https://github.com/oleksandrkyetov/test-app-server > > Thanks in advance, > Alex K. > > _______________________________________________ dev-media mailing list [email protected] https://lists.mozilla.org/listinfo/dev-media
