CorePass Auth
CorePass Auth for JavaScript is a client SDK for public clients for communicating with OAuth 2.0 and OpenID Connect providers following the best practice RFC 8252 - OAuth 2.0 for Native Apps. The library is designed for use in Web Apps, Node.js CLI applications, Chrome Apps and applications that use Electron or similar frameworks.

It strives to directly map the requests and responses of those specifications, while following the idiomatic style of the implementation language.

The library also supports the PKCE extension to OAuth which was created to secure authorization codes in public clients when custom URI scheme redirects are used. The library is friendly to other extensions (standard or otherwise) with the ability to handle additional parameters in all protocol requests and responses.
Examples
An example application using the library is included in the src/node_app
folder and at https://github.com/googlesamples/appauth-js-electron-sample.
Auth Flow
CorePass Auth supports manual interaction with the Authorization Server where you need to perform
your own token exchanges. This example performs a manual exchange.
Fetch Service Configuration
```typescript
AuthorizationServiceConfiguration.fetchFromIssuer(openIdConnectUrl)
  .then(response => {
    log('Fetched service configuration', response);
    this.configuration = response;
    this.showMessage('Completed fetching configuration');
  })
  .catch(error => {
    log('Something bad happened', error);
    this.showMessage(`Something bad happened ${error}`);
  });
```
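A check a client can run on the raw OpenID Provider discovery document before trusting its endpoints. This is an added example, not part of CorePass Auth: it works on the JSON served under `/.well-known/openid-configuration` rather than on the library's configuration object, and the issuer `https://idp.example` and both documents are constructed.

```javascript
// Constructed discovery documents (idp.example is a placeholder issuer).
const GOOD_DOC = {
  issuer: 'https://idp.example',
  authorization_endpoint: 'https://idp.example/authorize',
  token_endpoint: 'https://idp.example/token',
  end_session_endpoint: 'https://idp.example/logout',
  code_challenge_methods_supported: ['S256'],
};
const BAD_DOC = {
  ...GOOD_DOC,
  issuer: 'https://idp.example/',              // trailing slash: not identical
  token_endpoint: 'http://idp.example/token',  // cleartext endpoint
  code_challenge_methods_supported: ['plain'],
};

function isHttpsUrl(value) {
  try {
    return new URL(value).protocol === 'https:';
  } catch (_) {
    return false; // missing or unparsable
  }
}

// Returns a list of problems; an empty list means the document passed.
function validateDiscovery(expectedIssuer, doc) {
  const problems = [];
  // OpenID Connect Discovery 4.3: the issuer must be identical to the
  // issuer URL that was used to retrieve the document.
  if (doc.issuer !== expectedIssuer) {
    problems.push('issuer mismatch');
  }
  for (const key of ['authorization_endpoint', 'token_endpoint']) {
    if (!isHttpsUrl(doc[key])) problems.push(`${key} missing or not https`);
  }
  // Optional endpoint: only checked when the provider advertises it.
  if (doc.end_session_endpoint !== undefined && !isHttpsUrl(doc.end_session_endpoint)) {
    problems.push('end_session_endpoint not https');
  }
  // Policy choice of this example: require the provider to advertise S256.
  const methods = doc.code_challenge_methods_supported;
  if (!Array.isArray(methods) || !methods.includes('S256')) {
    problems.push('S256 not advertised');
  }
  return problems;
}
```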
Make Authorization Requests
```typescript
this.notifier = new AuthorizationNotifier();
this.authorizationHandler = new RedirectRequestHandler();
// Set the notifier to deliver responses.
this.authorizationHandler.setAuthorizationNotifier(this.notifier);
// Listen for the result of the authorization request.
this.notifier.setAuthorizationListener((request, response, error) => {
  log('Authorization request complete ', request, response, error);
  if (response) {
    // Keep the request: the token exchange reads the PKCE code_verifier
    // from this.request.internal.
    this.request = request;
    this.code = response.code;
    this.showMessage(`Authorization Code ${response.code}`);
  }
});

// Create the authorization request.
let request = new AuthorizationRequest({
  client_id: clientId,
  redirect_uri: redirectUri,
  scope: scope,
  response_type: AuthorizationRequest.RESPONSE_TYPE_CODE,
  state: undefined,
  extras: {'prompt': 'consent', 'access_type': 'offline'}
});

// Send the user to the authorization endpoint.
this.authorizationHandler.performAuthorizationRequest(this.configuration, request);
```
Making Token Requests
```typescript
this.tokenHandler = new BaseTokenRequestHandler();

let request: TokenRequest|null = null;

if (this.code) {
  let extras: StringMap|undefined = undefined;
  // Send the PKCE code_verifier kept with the original authorization request.
  if (this.request && this.request.internal) {
    extras = {};
    extras['code_verifier'] = this.request.internal['code_verifier'];
  }
  // Exchange the authorization code for tokens.
  request = new TokenRequest({
    client_id: clientId,
    redirect_uri: redirectUri,
    grant_type: GRANT_TYPE_AUTHORIZATION_CODE,
    code: this.code,
    refresh_token: undefined,
    extras: extras
  });
} else if (this.tokenResponse) {
  // No code to redeem: use the refresh token from an earlier response.
  request = new TokenRequest({
    client_id: clientId,
    redirect_uri: redirectUri,
    grant_type: GRANT_TYPE_REFRESH_TOKEN,
    code: undefined,
    refresh_token: this.tokenResponse.refreshToken,
    extras: undefined
  });
}

// request is still null when there is neither a code nor a token response.
if (request) {
  this.tokenHandler.performTokenRequest(this.configuration, request)
    .then(response => {
      // Use the token response here (the refresh branch above reads this.tokenResponse).
    });
}
```
Make End Session Requests
```typescript
this.notifier = new AuthorizationNotifier();
this.authorizationHandler = new RedirectRequestHandler();
// Set the notifier to deliver responses.
this.authorizationHandler.setAuthorizationNotifier(this.notifier);
// Listen for the result of the end session request.
this.notifier.setAuthorizationListener((request, response, error) => {
  log('End Session request complete ', request, response, error);
  if (response && response instanceof EndSessionResponse) {
    // The session has ended: discard locally stored tokens here.
  }
});

// Create the end session request.
const request = new EndSessionRequest({
  id_token_hint: idToken,
  post_logout_redirect_uri: post_logout_redirect_uri,
  state: undefined,
});

this.authorizationHandler.performEndSessionRequest(this.configuration, request);
```
Development
Preamble
This client has been written with TypeScript.
Setup
- Install the latest version of Node. NVM (Node Version Manager) is highly recommended.
- Use nvm install to install the recommended Node.js version.
- Download the latest version of Visual Studio Code.
Provision Dependencies
This app uses npm to provision its dependencies.
- git clone the CorePass JS library and go to the root folder of the project, which contains the package.json file.
- Run npm install to install all the dev and project dependencies.
That's it! You are now ready to start working on CorePass JS.
Development Workflow
The project uses npm scripts to automate development workflows. These scripts are made available via the package.json file.
The following scripts are included:
- npm run compile or tsc will compile all your TypeScript files. All compiled files go into the built/ folder.
- npm run watch or tsc --watch will compile your TypeScript files in watch mode. Recommended if you want to get continuous feedback.
- npm run build-app generates the output bundle.js file in the built/ directory. This includes the full CorePass JS library including all its dependencies.
- npm test provisions the Karma test runner to run all unit tests. All tests are written using Jasmine. To debug your tests, click on the Debug button in the Karma test runner to look at the actual source of the tests. You can attach breakpoints here.
- npm run app builds the test app on a local web server. This is an end-to-end app which uses CorePass JS and is a demonstration of how to use the library.
- npm run node-app builds a Node.js CLI sample app. This is an end-to-end app which uses CorePass JS in a Node.js context.
Epigram
「Cryptoni Confidimus」
License
Licensed under the Apache License 2.0.