A while back we took a look at starting development using the Nest API. In my original post the end user was required to enter a pin code after they authorizing the client application to access Nest data. This is a bit of an undesirable workflow. The authorization should be fluid and unobtrusive to the end user. Luckily the OAuth 2.0 protocol defines an optional redirect_uri that can be used during authorization, however, the Nest OAuth implementation seems to ignore this.
The solution turns out to be quite simple. Nest allows you to set the redirect_uri directly in the client you created in your developer account profile. Somehow I missed this property during my initial implementation – oops!
Now that we’ve properly set the OAuth Redirect URI we need to implement a few more things when the end users authenticates with Nest and we get the authorization code back from Nest.
The first thing we need to do is extract the authorization code sent back to us from Nest.
$(function() { var url = window.location.href; var code = url.split('code='); if (code != null && code.length > 1) { getAuthorization(code[1]); } });
After getting the code we get authorization from Nest via our webAPI proxy that we setup previously, store our cookie, and close the window when the callback is complete.