/egg-oauth2-server

:star2: OAuth2 server plugin for egg.js based on node-oauth2-server

Primary LanguageJavaScriptMIT LicenseMIT

egg-oauth2-server

NPM version build status Test coverage David deps Known Vulnerabilities npm download

Chinese Example | 中文样例教程(注意:文章里使用的是该插件 v1.x 版本,部分 API 名称有变化,主要流程一致)

egg-oauth2-server is a module that easily adds oauth2 capability to egg-based servers.

  • egg 2.x use egg-oauth2-server latest (Node >= 8.0.0)
  • egg 1.x use egg-oauth2-server 2.0.x (Node >= 6.0.0)

Install

$ npm i egg-oauth2-server --save

Usage

// {app_root}/config/plugin.js
exports.oAuth2Server = {
  enable: true,
  package: 'egg-oauth2-server',
};

// {app_root}/app/router.js
app.all('/user/token', app.oAuth2Server.token());
app.get('/user/authorize', app.oAuth2Server.authorize(), 'user.code');
app.get('/user/authenticate', app.oAuth2Server.authenticate(), 'user.authenticate');

// `ctx.state.oauth` has token or code data after middleware for controller.
// {app_root}/config/config.default.js
module.exports = config => {
  const exports = {};
  exports.oAuth2Server = {
    debug: config.env === 'local',
    grants: [ 'password' ],
  };
  return exports;
};

See test/fixtures/apps/oauth2-server-test/config/config.unittest.js for reference.

// {app_root}/app/extend/oauth.js
// or {app_root}/app/extend/oauth.ts
'use strict';

// need implement some follow functions
module.exports = app => {  
  class Model {
    constructor(ctx) {}
    async getClient(clientId, clientSecret) {}
    async getUser(username, password) {}
    async getAccessToken(bearerToken) {}
    async saveToken(token, client, user) {}
    async revokeToken(token) {}
    async getAuthorizationCode(authorizationCode) {}
    async saveAuthorizationCode(code, client, user) {}
    async revokeAuthorizationCode(code) {}
  }  
  return Model;
};

For full description, check out https://www.npmjs.com/package/oauth2-server.

Examples

A simple password-mode OAuth 2.0 server. Full code at test/fixtures/apps/oauth2-server-test/app/extend/oauth.js

password mode app.oauth.token() lifecycle

getClient --> getUser --> saveToken

password mode app.oauth.authenticate() lifecycle

Only getAccessToken

authorization_code mode app.oauth.authorize() lifecycle

getClient --> getUser --> saveAuthorizationCode

authorization_code mode app.oauth.token() lifecycle

getClient --> getAuthorizationCode --> saveToken --> revokeAuthorizationCode

authorization_code mode app.oauth.authenticate() lifecycle

Only getAccessToken

Questions & Suggestions

Please open an issue. PRs are welcomed too.

License

MIT