npm
Sign UpSign In

This package has been deprecated

Author message:

No longer maintained

authwith
TypeScript icon, indicating that this package has built-in type declarations

0.2.1 • Public • Published

Authwith

NPM version NPM downloads Build status Test coverage

Re-usable authentication library.

Installation

npm install authwith --save

Usage

Available implementations:

  • OAuth2
  • OpenIDConnect

Note: request (req: Request) => Promise<Response> must be provided for each implementation to support external requests (uses Servie interfaces).

OAuth 2.0

import { OAuth2 } from 'authwith'

const auth = new OAuth2(options, request)
  • authorizationUri The URL to redirect the user for authorization
  • accessTokenUri The URL to retrieve the access token
  • profileUri The URL to request user information

Parameters

These are passed as the final option to each method:

  • clientId The client id issued by the OAuth 2.0 server
  • clientSecret The client secret issued by the OAuth 2.0 server
  • redirectUri A URL on your server to receive callbacks from the OAuth 2.0 server
  • scope The requested scope string
  • state? An optional state to be verified on callback

Flow

  1. Redirect user to the URL returned from the auth.getRedirectUri(params) method
  • P.S. Save the state into the users session for verification on redirect
  1. When the callback (redirect) URL is invoked, call auth.getToken(uri, params) - this will make a request and return the access token
  2. With the access token from the response, call auth.getProfile(token, params) - this will retrieve the users profile information
  3. Refresh the token later with auth.refreshToken(refreshToken, params)

Open ID Connect

import { OpenIDConnect } from 'authwith'

const auth = new OpenIDConnect(options, request)
  • authorizationUri The URL to redirect the user for authorization
  • accessTokenUri The URL to retrieve the access token
  • issuer The issuer string for the ID token

Parameters

Extends OAuth2 parameters:

  • nonce? Verifies the nonce when reading the profile information
  • maxAge? Verifies the max age when reading the profile information
  • timestamp? Used in conjunction with maxAge to verify auth_time claim

Flow

OpenID Connect is built on top of OAuth 2.0. Internally, it will use the id_token instead of making a separate request for profile information.

TypeScript

This project is written using TypeScript and publishes the definitions directly to NPM.

License

Apache 2.0

Readme

Keywords

Package Sidebar

Install

npm i authwith

Repository

github.com/blakeembrey/authwith

Homepage

github.com/blakeembrey/authwith

Weekly Downloads

2

Version

0.2.1

License

Apache-2.0

Unpacked Size

45 kB

Total Files

21

Last publish

Collaborators

  • blakeembrey
Try on RunKit
Report malware