How to build a public Feedly integration: Building the Auth Flow

Hey there, fellow JavaScript enthusiasts! Ready to dive into the world of Feedly integration? Today, we're going to tackle one of the most crucial parts of building a public Feedly integration: the authorization flow. Buckle up, because we're about to make your app Feedly-friendly in no time!

Prerequisites

Before we jump in, make sure you've got:

• A Feedly Developer Account (if you don't have one, go grab it!)
• A basic understanding of OAuth 2.0 (don't worry, we'll refresh your memory)
• Node.js and Express.js set up and ready to go

Setting up the Feedly Developer Application

First things first, let's get you set up on the Feedly side:

1. Head over to the Feedly Developer Console and create a new application.
2. Jot down your Client ID and Client Secret - you'll need these later!
3. Set up your redirect URI. This is where Feedly will send your users after they've authorized your app.

Implementing the Authorization Flow

Initiating the Auth Request

Let's kick things off by sending your users to Feedly's authorization page:

const authUrl = `https://cloud.feedly.com/v3/auth/auth?client_id=${clientId}&redirect_uri=${redirectUri}&response_type=code&scope=https://cloud.feedly.com/subscriptions`;

res.redirect(authUrl);

Handling the Callback

Now, set up an endpoint to catch that callback:

app.get('/callback', async (req, res) => {
  const authCode = req.query.code;
  // We'll use this code in the next step
});

Exchanging the Code for Access Token

Time to trade that code for an access token:

const tokenResponse = await axios.post('https://cloud.feedly.com/v3/auth/token', {
  client_id: clientId,
  client_secret: clientSecret,
  grant_type: 'authorization_code',
  redirect_uri: redirectUri,
  code: authCode
});

const { access_token, refresh_token } = tokenResponse.data;

Refreshing the Access Token

Don't forget to implement token refresh logic:

const refreshTokenResponse = await axios.post('https://cloud.feedly.com/v3/auth/token', {
  client_id: clientId,
  client_secret: clientSecret,
  grant_type: 'refresh_token',
  refresh_token: storedRefreshToken
});

const { access_token: newAccessToken, refresh_token: newRefreshToken } = refreshTokenResponse.data;

Securing the Integration

Security first, folks! Here are some quick tips:

• Never expose your client secret on the client-side
• Use environment variables to store sensitive information
• Implement PKCE for an extra layer of security

Testing the Auth Flow

Time to put your code to the test:

1. Start your server
2. Navigate to your auth initiation endpoint
3. Follow the Feedly authorization process
4. Check if you receive the access token

If you hit any snags, double-check your client ID, secret, and redirect URI. Common issues often stem from mismatched URLs or incorrect scope definitions.

Next Steps

Now that you've got your access token, the Feedly world is your oyster! You can start making API requests to fetch user data, manage subscriptions, and more. Why not try fetching the user's feed next?

Conclusion

And there you have it! You've successfully implemented the authorization flow for your Feedly integration. Pat yourself on the back - you're now ready to build some amazing Feedly-powered features into your app.

Remember, this is just the beginning. The Feedly API has so much more to offer, so keep exploring and building. Happy coding, and may your feeds always be fresh and your tokens never expire!