@node-oauth/express-oauth-server
Advanced tools
Complete, compliant and well tested module for implementing an OAuth2 Server/Provider with express in Node.js.
This package wraps the @node-oauth/oauth2-server into an express compatible middleware. It's a maintained and up-to-date fork from the former oauthjs/express-oauth-server.
$ npm install @node-oauth/express-oauth-server
The module provides two middlewares - one for granting tokens and another to authorize them.
@node-oauth/express-oauth-server and, consequently @node-oauth/oauth2-server,
expect the request body to be parsed already.
The following example uses body-parser but you may opt for an alternative library.
const bodyParser = require('body-parser');
const express = require('express');
const OAuthServer = require('@node-oauth/express-oauth-server');
const app = express();
app.oauth = new OAuthServer({
model: {}, // See https://github.com/node-oauth/node-oauth2-server for specification
});
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(app.oauth.authorize());
app.use(function(req, res) {
res.send('Secret area');
});
app.listen(3000);
Note: The following options extend the default options from
@node-oauth/oauth2-server! You can read more about all possible options in the @node-oauth/oauth2-server documentation
const options = {
useErrorHandler: false,
continueMiddleware: false,
}
useErrorHandler
(type: boolean default: false)
If false, an error response will be rendered by this component. Set this value to true to allow your own express error handler to handle the error.
continueMiddleware
(type: boolean default: false)
The authorize() and token() middlewares will both render their
result to the response and end the pipeline.
next() will only be called if this is set to true.
Note: You cannot modify the response since the headers have already been sent.
authenticate() does not modify the response and will always call next()
Beginning with version 4.0 this package brings some potentially breaking changes:
'*' peer dependency, so it should not cause conflicts with your express versionFor more examples, please visit our dedicated "examples" repo , which also contains express examples.
MIT, see license file.
FAQs
OAuth provider for express
The npm package @node-oauth/express-oauth-server receives a total of 4,202 weekly downloads. As such, @node-oauth/express-oauth-server popularity was classified as popular.
We found that @node-oauth/express-oauth-server demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.