provide oauth server flow example for node.js
The nodejs_express_skeleton uses browser to submit access token request, but ideally I want to not expose the access token to the browser, if possible. I would typically do this using the auth code/access token exchange from a server to server request, and make additional private resource requests as needed on the server.
I can adapt the existing node.js sample based on typical oauth requests, but it would be great if the sample already used this approach.
Tyson Norris commented
Ah nevermind - I got confused by the call to /profiles from client app.js AND from express-singly index.js (during /callback route).
(I can just remove the access token from client js/ejs if I need to.)