Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@bity/oauth2-auth-code-pkce

Package Overview
Dependencies
Maintainers
3
Versions
26
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@bity/oauth2-auth-code-pkce

An OAuth 2.0 client that ONLY supports Authorization Code flow with PKCE support.

  • 2.13.0
  • latest
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
5.1K
decreased by-5.55%
Maintainers
3
Weekly downloads
 
Created
Source

OAuth2AuthCodePKCE client

A zero dependency OAuth 2.0 client supporting only the authorization code grant (RFC 6749 § 4.1) with PKCE (RFC 7636) for client side protection.

Currently the only Type/JavaScript implementation in public existence.

1 file implementation for easy auditing.

Installation

npm install @bity/oauth2-auth-code-pkce

Usage

See the source code of tests/panel.html. It's commented with helpful information.

Run npm run serve:tests and navigate to http://localhost:8080/tests/panel.html

This page acts as a test panel for various scenarios. Play around! :)

Modify the example to use the correct configuration.

Exposing other query string parameters on return

Some OAuth servers will return additional parameters to the requester. In order to access these they must be explicitly asked for:

config.explicitlyExposedTokens = ['open_id'];

Then this will be available as a property: accessContext.explicitlyExposedTokens.open_id.

Extra parameters which other OAuth servers require

It is probable you will encounter an OAuth server which requires some additional parameters. In order to pass extra parameters, add the following to the configuration:

config.extraAuthorizationParameters = { 'some_query_string_param': 'value', ... };

If you have values which need to be computed at run-time and then passed, you can pass them like so:

oauth2.fetchAuthorizationCode({ 'another_query_string_param': computedValue });

Module systems supported

Module systemFile
Browser (window)index.umd.js
CommonJS (require e.g. nodejs)index.js
TypeScriptindex.ts

Development

Publishing to NPM

Grab the NPM-generated bity-oauth2-auth-code-pkce-*.tgz tarball from CI and then use npm publish $tarball to publish it to NPM.

Keywords

FAQs

Package last updated on 09 Jun 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc