Class: ExpressOAuthServer

ExpressOAuthServer(optionsopt)

Complete, compliant and well tested express wrapper for @node-oauth/oauth2-server in node.js. The module provides two middlewares - one for granting tokens and another to authorize them. @node-oauth/express-oauth-server and, consequently @node-oauth/oauth2-server, expect the request body to be parsed already. The following example uses body-parser but you may opt for an alternative library.

Constructor

new ExpressOAuthServer(optionsopt)

Creates a new OAuth2 server that will be bound to this class' middlewares. Constructor takes several options as arguments. The following describes only options, specific to this module. For all other options, please read the docs from @node-oauth/oauth2-server:

Parameters:
Name Type Attributes Description
options object <optional>

optional options

Properties
Name Type Attributes Description
useErrorHandler boolean <optional>

If false, an error response will be rendered by this component. Set this value to true to allow your own express error handler to handle the error.
continueMiddleware boolean <optional>

The authorize() and token() middlewares will both render their result to the response and end the pipeline. next() will only be called if this is set to true. Note: You cannot modify the response since the headers have already been sent. authenticate() does not modify the response and will always call next()
Source:
See:
Example
const bodyParser = require('body-parser');
const express = require('express');
const OAuthServer = require('@node-oauth/express-oauth-server');

const app = express();

app.oauth = new OAuthServer({
  model: {}, // See https://github.com/node-oauth/node-oauth2-server for specification
});

app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(app.oauth.authorize());

app.use(function(req, res) {
  res.send('Secret area');
});

app.listen(3000);

Methods

authenticate(optionsopt) → {function}

Authentication Middleware. Returns a middleware that will validate a token.

Parameters:
Name Type Attributes Description
options object <optional>

will be passed to the authenticate-handler as options, see linked docs
Source:
See:
Returns:
Type
function

authorize(optionsopt) → {function}

Authorization Middleware. Returns a middleware that will authorize a client to request tokens.

Parameters:
Name Type Attributes Description
options object <optional>

will be passed to the authorize-handler as options, see linked docs
Source:
See:
Returns:
Type
function

token(optionsopt) → {function}

Grant Middleware. Returns middleware that will grant tokens to valid requests.

Parameters:
Name Type Attributes Description
options object <optional>

will be passed to the token-handler as options, see linked docs
Source:
See:
Returns:
Type
function