Skip to content

Commit

Permalink
chore(docs): Update auth documentation and examples (LuanRT#568)
Browse files Browse the repository at this point in the history 
* chore(docs): Update auth documentation and examples

* chore(docs): Minor rewording

* chore(docs): Fix library version in the OAuth2 example
  • Loading branch information
@LuanRT
LuanRT committed Jan 8, 2024
1 parent 7ffd0fc commit abd8a82
Show file tree
Hide file tree
Showing 5 changed files with 293 additions and 7 deletions.
30 changes: 23 additions & 7 deletions examples/auth/README.md
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,11 @@
# Authentication via OAuth
# OAuth2

## Usage
## Custom OAuth2 Credentials
Just like the official Data API, YouTube.js supports using your own OAuth2 credentials. A working example can be found [here](https://github.com/LuanRT/YouTube.js/blob/main/examples/auth/custom-oauth2-creds).

Before using any methods which require authentication, you have to authenticate the session:
## YouTube TV OAuth2

The library supports signing in using YouTube TV's client id. This is the recommended way to sign in as it doesn't require you to create your own OAuth2 credentials.

```js
// 'auth-pending' is fired with the info needed to sign in via OAuth.
Expand All @@ -25,9 +28,11 @@ yt.session.on('update-credentials', ({ credentials }) => {
await yt.session.signIn(/* credentials */);
```

### Cache Credentials
A working example can be found [here](https://github.com/LuanRT/YouTube.js/blob/main/examples/auth/yttv-oauth2.js).

## Cache Credentials

If you don't wish to sign in every time you start the session, you can cache the credentials. Note that this SHOULD NOT be used in production, save your credentials in a database/file instead and pass them to `Session#signIn(creds?)` when signing in.
If you don't want to start the sign in flow every time you initialize the session, you can cache the credentials. Note that this SHOULD NOT be used in production, save your credentials in a database/file instead and pass them to `Session#signIn(creds?)` when signing in.

```js
// If you use this, the next call to signIn won't fire 'auth-pending' instead just 'auth'
Expand All @@ -36,9 +41,9 @@ await yt.session.oauth.cacheCredentials();

**Note:** When using cached credentials, you are still required to make a call to `Session#signIn()`.

### Sign Out
## Sign Out

The sign out method may be used to sign out of the current session. This should also remove the cached credentials.
The sign out method may be used to sign out of the current session. This removes and revokes the credentials.

```js
await yt.session.signOut();
Expand All @@ -47,3 +52,14 @@ await yt.session.signOut();
// and only want to delete the cached credentials, use:
await yt.session.oauth.removeCache();
```

# Cookies

> **Note**
> This is not as reliable as OAuth2 as cookies expire and can be completely revoked at any time.
```js
const yt = await Innertube.create({
cookie: '...'
});
```
141 changes: 141 additions & 0 deletions examples/auth/custom-oauth2-creds/index.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,141 @@
import express from 'express';
import { Innertube, UniversalCache, YTNodes } from 'youtubei.js';
import { OAuth2Client } from 'google-auth-library';

const app = express();

let innertube: Innertube | undefined;
let oAuth2Client: OAuth2Client | undefined;

/**
* To get your own client id and secret, visit https://console.developers.google.com/, create a new project,
* and create an OAuth 2.0 Client ID (Web application) under the Credentials tab.
*
* Don't forget to add http://localhost:3000/login as an authorized redirect URI.
*/
const clientId = 'YOUR_OAUTH2_CLIENT_ID';
const clientSecret = 'YOUR_OAUTH2_CLIENT_SECRET';
const redirectUri = 'http://localhost:3000/login';

const port = 3000;

let authorizationUrl: string | undefined;

app.use(express.static('public'))
app.use(express.urlencoded({ extended: true, limit: '3mb' }))

const cache = new UniversalCache(true);

console.info("Cache dir:", cache.cache_dir);

app.get('/', async (_req, res) => {
if (!innertube) {
console.info('Creating innertube instance.');
innertube = await Innertube.create({ cache });

innertube.session.on("update-credentials", async (_credentials) => {
console.info('Credentials updated.');
await innertube?.session.oauth.cacheCredentials();
});
}

if (await cache.get('youtubei_oauth_credentials')) {
await innertube.session.signIn();
}

if (innertube.session.logged_in) {
console.info('Innertube instance is logged in.');

const userInfo = await innertube.account.getInfo();
const library = await innertube.getLibrary();

const html = `
<p>Hello ${userInfo.contents?.contents.first().account_name.text}! You have ${userInfo.contents?.contents.first().account_byline.text} on your YouTube channel.</p>
<p>Email: ${userInfo.contents?.contents.first().endpoint.payload.directSigninUserProfile.email}</p>
<p>Obfuscated Gaia ID: ${userInfo.contents?.contents.first().endpoint.payload.directSigninIdentity.effectiveObfuscatedGaiaId}</p>
<p>Channel URL: <a href="https://www.youtube.com/channel/${userInfo.footers?.endpoint.payload.browseId}">https://www.youtube.com/channel/${userInfo.footers?.endpoint.payload.browseId}</a></p>
<p>Profile Picture:</p>
<img src="${userInfo.contents?.contents.first().account_photo[0].url}" />
<p>Recently watched videos:</p>
<ul>
${library.videos.map((video) => `<li><a href="${video.as(YTNodes.GridVideo).endpoint.toURL()}">${video.title.toString()}</a> by ${video.as(YTNodes.GridVideo).author.name.toString()} - ${video.as(YTNodes.GridVideo).duration?.text}</li>`).join('')}
</ul>
<button onclick="window.location.href = '/logout'">Logout</button>
`;

return res.send(html);
}

if (!oAuth2Client) {
console.info('Creating OAuth2 client.');

oAuth2Client = new OAuth2Client(
clientId,
clientSecret,
redirectUri
);

authorizationUrl = oAuth2Client.generateAuthUrl({
access_type: 'offline',
scope: [
"http://gdata.youtube.com",
"https://www.googleapis.com/auth/youtube-paid-content"
],
include_granted_scopes: true,
prompt: 'consent',
});

console.info('Redirecting to authorization URL...');

res.redirect(authorizationUrl);
} else if (authorizationUrl) {
console.info('OAuth2 client already exists. Redirecting to authorization URL...');
res.redirect(authorizationUrl);
}
});

app.get('/login', async (req, res) => {
const { code } = req.query;

if (!code) {
return res.send('No code provided.');
}

if (!oAuth2Client || !innertube) {
return res.send('OAuth2 client or innertube instance is not initialized.');
}

const { tokens } = await oAuth2Client.getToken(code as string);

if (tokens.access_token && tokens.refresh_token && tokens.expiry_date) {
await innertube.session.signIn({
access_token: tokens.access_token,
refresh_token: tokens.refresh_token,
expires: new Date(tokens.expiry_date),
client_id: clientId,
client_secret: clientSecret,
});

await innertube.session.oauth.cacheCredentials();

console.log('Logged in successfully. Redirecting to home page...');

res.redirect('/');
}
});

app.get('/logout', async (_req, res) => {
if (!innertube) {
return res.send('Innertube instance is not initialized.');
}

await innertube.session.signOut();

console.log('Logged out successfully. Redirecting to home page...');

res.redirect('/');
});

app.listen(port, () => {
console.log(`Server is running on port ${port}`);
});
20 changes: 20 additions & 0 deletions examples/auth/custom-oauth2-creds/package.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
{
"name": "yt-oauth-example",
"version": "1.0.0",
"description": "",
"main": "index.js",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1"
},
"keywords": [],
"author": "",
"license": "ISC",
"dependencies": {
"express": "^4.18.2",
"google-auth-library": "^9.4.1",
"youtubei.js": "^8.1.0"
},
"devDependencies": {
"@types/express": "^4.17.21"
}
}
109 changes: 109 additions & 0 deletions examples/auth/custom-oauth2-creds/tsconfig.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,109 @@
{
"compilerOptions": {
/* Visit https://aka.ms/tsconfig to read more about this file */

/* Projects */
// "incremental": true, /* Save .tsbuildinfo files to allow for incremental compilation of projects. */
// "composite": true, /* Enable constraints that allow a TypeScript project to be used with project references. */
// "tsBuildInfoFile": "./.tsbuildinfo", /* Specify the path to .tsbuildinfo incremental compilation file. */
// "disableSourceOfProjectReferenceRedirect": true, /* Disable preferring source files instead of declaration files when referencing composite projects. */
// "disableSolutionSearching": true, /* Opt a project out of multi-project reference checking when editing. */
// "disableReferencedProjectLoad": true, /* Reduce the number of projects loaded automatically by TypeScript. */

/* Language and Environment */
"target": "es2016", /* Set the JavaScript language version for emitted JavaScript and include compatible library declarations. */
// "lib": [], /* Specify a set of bundled library declaration files that describe the target runtime environment. */
// "jsx": "preserve", /* Specify what JSX code is generated. */
// "experimentalDecorators": true, /* Enable experimental support for legacy experimental decorators. */
// "emitDecoratorMetadata": true, /* Emit design-type metadata for decorated declarations in source files. */
// "jsxFactory": "", /* Specify the JSX factory function used when targeting React JSX emit, e.g. 'React.createElement' or 'h'. */
// "jsxFragmentFactory": "", /* Specify the JSX Fragment reference used for fragments when targeting React JSX emit e.g. 'React.Fragment' or 'Fragment'. */
// "jsxImportSource": "", /* Specify module specifier used to import the JSX factory functions when using 'jsx: react-jsx*'. */
// "reactNamespace": "", /* Specify the object invoked for 'createElement'. This only applies when targeting 'react' JSX emit. */
// "noLib": true, /* Disable including any library files, including the default lib.d.ts. */
// "useDefineForClassFields": true, /* Emit ECMAScript-standard-compliant class fields. */
// "moduleDetection": "auto", /* Control what method is used to detect module-format JS files. */

/* Modules */
"module": "commonjs", /* Specify what module code is generated. */
// "rootDir": "./", /* Specify the root folder within your source files. */
// "moduleResolution": "node10", /* Specify how TypeScript looks up a file from a given module specifier. */
// "baseUrl": "./", /* Specify the base directory to resolve non-relative module names. */
// "paths": {}, /* Specify a set of entries that re-map imports to additional lookup locations. */
// "rootDirs": [], /* Allow multiple folders to be treated as one when resolving modules. */
// "typeRoots": [], /* Specify multiple folders that act like './node_modules/@types'. */
// "types": [], /* Specify type package names to be included without being referenced in a source file. */
// "allowUmdGlobalAccess": true, /* Allow accessing UMD globals from modules. */
// "moduleSuffixes": [], /* List of file name suffixes to search when resolving a module. */
// "allowImportingTsExtensions": true, /* Allow imports to include TypeScript file extensions. Requires '--moduleResolution bundler' and either '--noEmit' or '--emitDeclarationOnly' to be set. */
// "resolvePackageJsonExports": true, /* Use the package.json 'exports' field when resolving package imports. */
// "resolvePackageJsonImports": true, /* Use the package.json 'imports' field when resolving imports. */
// "customConditions": [], /* Conditions to set in addition to the resolver-specific defaults when resolving imports. */
// "resolveJsonModule": true, /* Enable importing .json files. */
// "allowArbitraryExtensions": true, /* Enable importing files with any extension, provided a declaration file is present. */
// "noResolve": true, /* Disallow 'import's, 'require's or '<reference>'s from expanding the number of files TypeScript should add to a project. */

/* JavaScript Support */
// "allowJs": true, /* Allow JavaScript files to be a part of your program. Use the 'checkJS' option to get errors from these files. */
// "checkJs": true, /* Enable error reporting in type-checked JavaScript files. */
// "maxNodeModuleJsDepth": 1, /* Specify the maximum folder depth used for checking JavaScript files from 'node_modules'. Only applicable with 'allowJs'. */

/* Emit */
// "declaration": true, /* Generate .d.ts files from TypeScript and JavaScript files in your project. */
// "declarationMap": true, /* Create sourcemaps for d.ts files. */
// "emitDeclarationOnly": true, /* Only output d.ts files and not JavaScript files. */
// "sourceMap": true, /* Create source map files for emitted JavaScript files. */
// "inlineSourceMap": true, /* Include sourcemap files inside the emitted JavaScript. */
// "outFile": "./", /* Specify a file that bundles all outputs into one JavaScript file. If 'declaration' is true, also designates a file that bundles all .d.ts output. */
// "outDir": "./", /* Specify an output folder for all emitted files. */
// "removeComments": true, /* Disable emitting comments. */
// "noEmit": true, /* Disable emitting files from a compilation. */
// "importHelpers": true, /* Allow importing helper functions from tslib once per project, instead of including them per-file. */
// "importsNotUsedAsValues": "remove", /* Specify emit/checking behavior for imports that are only used for types. */
// "downlevelIteration": true, /* Emit more compliant, but verbose and less performant JavaScript for iteration. */
// "sourceRoot": "", /* Specify the root path for debuggers to find the reference source code. */
// "mapRoot": "", /* Specify the location where debugger should locate map files instead of generated locations. */
// "inlineSources": true, /* Include source code in the sourcemaps inside the emitted JavaScript. */
// "emitBOM": true, /* Emit a UTF-8 Byte Order Mark (BOM) in the beginning of output files. */
// "newLine": "crlf", /* Set the newline character for emitting files. */
// "stripInternal": true, /* Disable emitting declarations that have '@internal' in their JSDoc comments. */
// "noEmitHelpers": true, /* Disable generating custom helper functions like '__extends' in compiled output. */
// "noEmitOnError": true, /* Disable emitting files if any type checking errors are reported. */
// "preserveConstEnums": true, /* Disable erasing 'const enum' declarations in generated code. */
// "declarationDir": "./", /* Specify the output directory for generated declaration files. */
// "preserveValueImports": true, /* Preserve unused imported values in the JavaScript output that would otherwise be removed. */

/* Interop Constraints */
// "isolatedModules": true, /* Ensure that each file can be safely transpiled without relying on other imports. */
// "verbatimModuleSyntax": true, /* Do not transform or elide any imports or exports not marked as type-only, ensuring they are written in the output file's format based on the 'module' setting. */
// "allowSyntheticDefaultImports": true, /* Allow 'import x from y' when a module doesn't have a default export. */
"esModuleInterop": true, /* Emit additional JavaScript to ease support for importing CommonJS modules. This enables 'allowSyntheticDefaultImports' for type compatibility. */
// "preserveSymlinks": true, /* Disable resolving symlinks to their realpath. This correlates to the same flag in node. */
"forceConsistentCasingInFileNames": true, /* Ensure that casing is correct in imports. */

/* Type Checking */
"strict": true, /* Enable all strict type-checking options. */
// "noImplicitAny": true, /* Enable error reporting for expressions and declarations with an implied 'any' type. */
// "strictNullChecks": true, /* When type checking, take into account 'null' and 'undefined'. */
// "strictFunctionTypes": true, /* When assigning functions, check to ensure parameters and the return values are subtype-compatible. */
// "strictBindCallApply": true, /* Check that the arguments for 'bind', 'call', and 'apply' methods match the original function. */
// "strictPropertyInitialization": true, /* Check for class properties that are declared but not set in the constructor. */
// "noImplicitThis": true, /* Enable error reporting when 'this' is given the type 'any'. */
// "useUnknownInCatchVariables": true, /* Default catch clause variables as 'unknown' instead of 'any'. */
// "alwaysStrict": true, /* Ensure 'use strict' is always emitted. */
// "noUnusedLocals": true, /* Enable error reporting when local variables aren't read. */
// "noUnusedParameters": true, /* Raise an error when a function parameter isn't read. */
// "exactOptionalPropertyTypes": true, /* Interpret optional property types as written, rather than adding 'undefined'. */
// "noImplicitReturns": true, /* Enable error reporting for codepaths that do not explicitly return in a function. */
// "noFallthroughCasesInSwitch": true, /* Enable error reporting for fallthrough cases in switch statements. */
// "noUncheckedIndexedAccess": true, /* Add 'undefined' to a type when accessed using an index. */
// "noImplicitOverride": true, /* Ensure overriding members in derived classes are marked with an override modifier. */
// "noPropertyAccessFromIndexSignature": true, /* Enforces using indexed accessors for keys declared using an indexed type. */
// "allowUnusedLabels": true, /* Disable error reporting for unused labels. */
// "allowUnreachableCode": true, /* Disable error reporting for unreachable code. */

/* Completeness */
// "skipDefaultLibCheck": true, /* Skip type checking .d.ts files that are included with TypeScript. */
"skipLibCheck": true /* Skip type checking all .d.ts files. */
}
}
0 examples/auth/index.js → examples/auth/yttv-oauth2.js
View file
File renamed without changes.

0 comments on commit abd8a82

Please sign in to comment.