Hey there, fellow JavaScript enthusiast! Ready to dive into the world of PDF.co integrations? Today, we're going to tackle one of the most crucial aspects of building a public integration: the authorization flow. PDF.co's powerful API is at your fingertips, but first, we need to make sure our users can securely access it. Let's get started!
Before we jump in, make sure you've got:
Alright, let's get our hands dirty! First things first:
mkdir pdf-co-integration cd pdf-co-integration npm init -y npm install express axios dotenv
Great! We've got our project set up with the necessary dependencies.
Security first! Let's keep those sensitive details safe:
touch .env
Open up that .env file and add:
PDF_CO_API_KEY=your_api_key_here
PDF_CO_CLIENT_ID=your_client_id_here
PDF_CO_CLIENT_SECRET=your_client_secret_here
Don't forget to add .env to your .gitignore file!
Now for the fun part! Let's build out our auth flow:
const express = require('express'); const axios = require('axios'); require('dotenv').config(); const app = express(); app.get('/auth', (req, res) => { const authUrl = `https://api.pdf.co/oauth2/authorize?client_id=${process.env.PDF_CO_CLIENT_ID}&response_type=code&redirect_uri=http://localhost:3000/callback`; res.redirect(authUrl); }); app.get('/callback', async (req, res) => { const { code } = req.query; try { const response = await axios.post('https://api.pdf.co/oauth2/token', { grant_type: 'authorization_code', code, client_id: process.env.PDF_CO_CLIENT_ID, client_secret: process.env.PDF_CO_CLIENT_SECRET, redirect_uri: 'http://localhost:3000/callback' }); const { access_token, refresh_token } = response.data; // Store these tokens securely (more on this later) res.send('Authorization successful!'); } catch (error) { console.error('Error during token exchange:', error); res.status(500).send('Authorization failed'); } }); app.listen(3000, () => console.log('Server running on port 3000'));
Now that we've got our tokens, we need to keep them safe and fresh:
// Add this to your existing code let accessToken = null; let refreshToken = null; function storeTokens(access, refresh) { accessToken = access; refreshToken = refresh; // In a real app, you'd want to store these more securely } async function refreshAccessToken() { try { const response = await axios.post('https://api.pdf.co/oauth2/token', { grant_type: 'refresh_token', refresh_token: refreshToken, client_id: process.env.PDF_CO_CLIENT_ID, client_secret: process.env.PDF_CO_CLIENT_SECRET }); storeTokens(response.data.access_token, response.data.refresh_token); } catch (error) { console.error('Error refreshing token:', error); } }
Time to put those tokens to work:
async function makeApiRequest(endpoint, data) { try { const response = await axios.post(`https://api.pdf.co/v1/${endpoint}`, data, { headers: { Authorization: `Bearer ${accessToken}` } }); return response.data; } catch (error) { if (error.response && error.response.status === 401) { await refreshAccessToken(); return makeApiRequest(endpoint, data); // Retry with new token } throw error; } }
Remember, security is key! Always:
Let's make sure everything's working:
app.get('/test', async (req, res) => { try { const result = await makeApiRequest('pdf/info', { url: 'https://example.com/sample.pdf' }); res.json(result); } catch (error) { res.status(500).json({ error: 'API request failed' }); } });
And there you have it! You've just built a secure authorization flow for your PDF.co integration. Pretty cool, right? From here, you can expand your integration to leverage all the awesome features PDF.co has to offer.
Want to dive deeper? Check out:
Happy coding, and may your PDFs always be perfectly processed! 🚀📄
