npm
Sign UpSign In

This package has been deprecated

Author message:

No longer maintained

authwith
TypeScript icon, indicating that this package has built-in type declarations

0.2.1 • Public • Published

Authwith

NPM version NPM downloads Build status Test coverage

Re-usable authentication library.

Installation

npm install authwith --save

Usage

Available implementations:

  • OAuth2
  • OpenIDConnect

Note: request (req: Request) => Promise<Response> must be provided for each implementation to support external requests (uses Servie interfaces).

OAuth 2.0

import { OAuth2 } from 'authwith'

const auth = new OAuth2(options, request)
  • authorizationUri The URL to redirect the user for authorization
  • accessTokenUri The URL to retrieve the access token
  • profileUri The URL to request user information

Parameters

These are passed as the final option to each method:

  • clientId The client id issued by the OAuth 2.0 server
  • clientSecret The client secret issued by the OAuth 2.0 server
  • redirectUri A URL on your server to receive callbacks from the OAuth 2.0 server
  • scope The requested scope string
  • state? An optional state to be verified on callback

Flow

  1. Redirect user to the URL returned from the auth.getRedirectUri(params) method
  • P.S. Save the state into the users session for verification on redirect
  1. When the callback (redirect) URL is invoked, call auth.getToken(uri, params) - this will make a request and return the access token
  2. With the access token from the response, call auth.getProfile(token, params) - this will retrieve the users profile information
  3. Refresh the token later with auth.refreshToken(refreshToken, params)

Open ID Connect

import { OpenIDConnect } from 'authwith'

const auth = new OpenIDConnect(options, request)
  • authorizationUri The URL to redirect the user for authorization
  • accessTokenUri The URL to retrieve the access token
  • issuer The issuer string for the ID token

Parameters

Extends OAuth2 parameters:

  • nonce? Verifies the nonce when reading the profile information
  • maxAge? Verifies the max age when reading the profile information
  • timestamp? Used in conjunction with maxAge to verify auth_time claim

Flow

OpenID Connect is built on top of OAuth 2.0. Internally, it will use the id_token instead of making a separate request for profile information.

TypeScript

This project is written using TypeScript and publishes the definitions directly to NPM.

License

Apache 2.0

Dependencies (5)

Dev Dependencies (9)

Package Sidebar

Install

npm i authwith

Repository

github.com/blakeembrey/authwith

Homepage

github.com/blakeembrey/authwith

Weekly Downloads

8

Version

0.2.1

License

Apache-2.0

Unpacked Size

45 kB

Total Files

21

Last publish

Collaborators

  • blakeembrey
Try on RunKit
Report malware