oauth2-server
Complete, compliant and well tested module for implementing an OAuth2 server in Node.js.
Allthings Custom implementation
Due to the lack of maintenance of the project this was forked @allthings.
Changes since fork (by Allthings)
- Bug-fix for query parameters in the redirect_uri during authorization.
isClientAuthenticationRequired
can now be overwritten in for the server options allowing us to not require a client_secret
for public clients.
Installation
npm install oauth2-server
The oauth2-server module is framework-agnostic but there are several officially supported wrappers available for popular HTTP server frameworks such as Express and Koa. If you're using one of those frameworks it is strongly recommended to use the respective wrapper module instead of rolling your own.
Features
- Supports
authorization_code
, client_credentials
, refresh_token
, implicit
and password
grant, as well as extension grants, with scopes. - Can be used with promises, Node-style callbacks, ES6 generators and async/await (using Babel).
- Fully RFC 6749 and RFC 6750 compliant.
- Implicitly supports any form of storage, e.g. PostgreSQL, MySQL, MongoDB, Redis, etc.
- Complete test suite.
Documentation
Documentation is hosted on Read the Docs.
Examples
Most users should refer to our Express or Koa examples.
Examples for v3 are yet to be made.
Upgrading from 2.x
This module has been rewritten using a promise-based approach, introducing changes to the API and model specification. v2.x is no longer supported.
Please refer to our 3.0 migration guide for more information.
Tests
To run the test suite, install dependencies, then run npm test
:
npm install
npm test