Express OAuth Server
Complete, compliant and well tested module for implementing an OAuth2 Server/Provider with express in node.js.
This is the express wrapper for @node-oauth/oauth2-server, it's a fork from the former oauthjs/express-oauth-server.
Installation
$ npm install @node-oauth/express-oauth-server
Quick Start
The module provides two middlewares - one for granting tokens and another to authorize them.
@node-oauth/express-oauth-server
and, consequently @node-oauth/oauth2-server
,
expect the request body to be parsed already.
The following example uses body-parser
but you may opt for an alternative library.
const bodyParser = require('body-parser');
const express = require('express');
const OAuthServer = require('@node-oauth/express-oauth-server');
const app = express();
app.oauth = new OAuthServer({
model: {}, // See https://github.com/node-oauth/node-oauth2-server for specification
});
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(app.oauth.authorize());
app.use(function(req, res) {
res.send('Secret area');
});
app.listen(3000);
More Examples
For more examples, please visit our dedicated "examples" repo , which also contains express examples.
Options
Note: The following options extend the default options from
@node-oauth/oauth2-sever
! You can read more about all possible options in the @node-oauth/oauth2-sever documentation
const options = {
useErrorHandler: false,
continueMiddleware: false,
}
-
useErrorHandler
(type: boolean default: false)If false, an error response will be rendered by this component. Set this value to true to allow your own express error handler to handle the error.
-
continueMiddleware
(type: boolean default: false)The
authorize()
andtoken()
middlewares will both render their result to the response and end the pipeline. next() will only be called if this is set to true.Note: You cannot modify the response since the headers have already been sent.
authenticate()
does not modify the response and will always call next()
License
MIT, see