Skip to content

Complete, compliant and well tested module for implementing an OAuth2 Server/Provider with express in node.js

License

Notifications You must be signed in to change notification settings

yktseng/node-oauth2-server

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Complete, compliant and well tested module for implementing an OAuth2 server in node.js.

NPM Version Build Status NPM Downloads

Quick Start

The node-oauth2-server module is framework-agnostic but there are several wrappers available for popular frameworks such as express and koa.

Using the express wrapper (recommended):

var express = require('express');
var oauthserver = require('express-oauth-server');
var app = express();

var oauth = new oauthServer({ model: model });

app.use(oauth.authenticate());

app.get('/', function (req, res) {
  res.send('Hello World');
})

app.listen(3000);

Using this module directly (for custom servers only):

var Request = require('oauth2-server').Request;
var oauthServer = require('oauth2-server');

var oauth = new oauthServer({ model: model });

var request = new Request({
  headers: { authorization: 'Bearer foobar' }
});

oauth.authenticate(request)
  .then(function(data) {
    // Request is authorized.
  })
  .catch(function(e) {
    // Request is not authorized.
  });

Note: see the documentation for the specification of what's required from the model.

Features

  • Supports authorization_code (with scopes), client_credentials, password, refresh_token and custom extension grant types.
  • Can be used with node-style callbacks, promises and ES6 async/await.
  • Fully RFC6749 and RFC6750 compliant.
  • Implicitly supports any form of storage e.g. PostgreSQL, MySQL, Mongo, Redis, etc.
  • Full test suite.

Documentation

Examples

Most users should refer to our express or koa examples. If you're implementing a custom server, we have many examples available:

  • A simple password grant authorization example.
  • A more complex password and refresh_token example.
  • An advanced password, refresh_token and authorization_code (with scopes) example.

Upgrading from 2.x

This module has been rewritten with a promise-based approach and introduced a few changes in the model specification.

Please refer to our 3.0 migration guide for more information.

License

MIT

About

Complete, compliant and well tested module for implementing an OAuth2 Server/Provider with express in node.js

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • JavaScript 100.0%