@rc-ex/authorize-uri

Authorize URI extension for ringcentral-extensible project

Usage no npm install needed!

<script type="module">
  import rcExAuthorizeUri from 'https://cdn.skypack.dev/@rc-ex/authorize-uri';
</script>

README

Authorize URI Extension

Generate Authorize URI.

Install

yarn add @rc-ex/authorize-uri

Usage

import RingCentral from '@rc-ex/core';
import AuthorizeUriExtension from '@rc-ex/authorize-uri';

const rc = new RingCentral(...);
const authorizeUriExtension = new AuthorizeUriExtension();
await rc.installExtension(authorizeUriExtension);
const authorizeUri = authorizeUriExtension.buildUri({
  state: 'hello',
  redirect_uri: 'https://example.com',
});

For a working sample, please check this test case.

PKCE

Ref: https://medium.com/ringcentral-developers/use-authorization-code-pkce-for-ringcentral-api-in-client-app-e9108f04b5f0

First and foremost, you should not specify client secret in your project, that's the whole point of PKCE.

Secondly, specify code_challenge_method: 'S256':

const authorizeUri = authorizeUriExtension.buildUri({
  state: 'hello',
  redirect_uri: 'https://example.com',
  code_challenge_method: 'S256'
});

And you should save the codeVerifier:

const codeVerifier = authorizeUriExtension.codeVerifier

You may need to persist codeVerifier in case browser web page refreshes.

And when you make the authorize API call, remember to specify code_verifier:

await rc.authorize({
    code: '...',
    redirect_uri: '...',
    code_verifier: codeVerifier
})

PKCE demo

Base Authorization URI

Optionally, you can specify baseAuthorizationUri as parameter to the constructor of this extension. If it's not specified, ${rc.rest.server}/restapi/oauth/authorize is used as baseAuthorizationUri.