This text is part of Introduction to OAuth with Node.js mini-book which is available at gum.co/hRyc.
Let’s start with good old OAuth 1.0. The way it usually works is as follows:
- For the first time, when we authorize a user to use our app, we need to perform extra work and obtain access token and secret (three-legged).
- You store these values for each user in your application.
- Then, on subsequent requests, things become much simpler. We construct auth headers and make HTTP requests (one-legged).