Arctic

Naver

OAuth 2.0 provider for Naver.

Also see the OAuth 2.0 guide.

Initialization

import * as arctic from "arctic";

const naver = new arctic.Naver(clientId, clientSecret, redirectURI);

Create authorization URL

const url = naver.createAuthorizationURL();

Validate authorization code

validateAuthorizationCode() will either return an OAuth2Tokens, or throw one of OAuth2RequestError, ArcticFetchError, UnexpectedResponseError, or UnexpectedErrorResponseBodyError. Naver returns an access token and a refresh token.

import * as arctic from "arctic";

try {
	const tokens = await naver.validateAuthorizationCode(code);

	const accessToken = tokens.accessToken();
	const refreshToken = tokens.refreshToken();
} catch (e) {
	if (e instanceof arctic.OAuth2RequestError) {
		// Invalid authorization code, credentials, or redirect URI
		const code = e.code;
		// ...
	}
	if (e instanceof arctic.ArcticFetchError) {
		// Failed to call `fetch()`
		const cause = e.cause;
		// ...
	}
	// Parse error
}

It also returns the access token expiration, but does so in a non-RFC compliant manner. This is a known issue with Naver.

const tokens = await bungie.validateAuthorizationCode(code);
// Should be returned as a number per RFC 6749, but returns it as a string.
if ("expires_in" in tokens.data && typeof tokens.data.expires_in === "string") {
	const accessTokenExpiresIn = Number(tokens.data.expires_in);
}

Refresh access tokens

Use refreshAccessToken() to get a new access token using a refresh token. Naver returns the same values as during the authorization code validation, including the access token expiration which needs to be manually parsed out. This method also returns OAuth2Tokens and throws the same errors as validateAuthorizationCode()

import * as arctic from "arctic";

try {
	const tokens = await naver.refreshAccessToken(refreshToken);
	const accessToken = tokens.accessToken();
	const refreshToken = tokens.refreshToken();
} catch (e) {
	if (e instanceof arctic.OAuth2RequestError) {
		// Invalid authorization code, credentials, or redirect URI
	}
	if (e instanceof arctic.ArcticFetchError) {
		// Failed to call `fetch()`
	}
	// Parse error
}

Get user profile

Use the /v1/nid/me endpoint.

const response = await fetch("https://openapi.naver.com/v1/nid/me", {
	headers: {
		Authorization: `Bearer ${accessToken}`
	}
});
const user = await response.json();