Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →

@octokit-next/oauth-authorization-url

Package Overview

Dependencies

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

@octokit-next/oauth-authorization-url

Universal library to retrieve GitHubâs identity URL for the OAuth web flow

2.8.0
latest
Source
npm

Version published: 7 months ago

Maintainers: 2

Created: 2 years ago

Source

oauth-authorization-url.js

Universal library to retrieve GitHub’s identity URL for the OAuth web flow

See GitHub’s Developer Guide for the OAuth App web application flow. Note that the OAuth web application flow for GitHub Apps is slightly different. GitHub Apps do not support scopes for its user access tokens (they are called user-to-server tokens for GitHub Apps), instead they inherit the user permissions from the GitHub App's registration and the repository/organization access and permissions from the respective installation.

Usage

Browsers

Browsers	Load `@octokit-next/oauth-authorization-url` directly from cdn.skypack.dev `<script type="module"> import { oauthAuthorizationUrl } from "https://cdn.skypack.dev/@octokit-next/oauth-authorization-url"; </script>`
Node	Install with `npm install @octokit/oauth-next-authorization-url` `import { oauthAuthorizationUrl } from "@octokit-next/oauth-authorization-url";`
Deno	Load `@octokit-next/oauth-next-authorization-url` directly from cdn.skypack.dev, including types. `import { oauthAuthorizationUrl } from "https://cdn.skypack.dev/@octokit-next/oauth-next-authorization-url?dts";`

Load @octokit-next/oauth-authorization-url directly from cdn.skypack.dev

<script type="module">
  import { oauthAuthorizationUrl } from "https://cdn.skypack.dev/@octokit-next/oauth-authorization-url";
</script>

Node

Install with npm install @octokit/oauth-next-authorization-url

import { oauthAuthorizationUrl } from "@octokit-next/oauth-authorization-url";

Deno

Load @octokit-next/oauth-next-authorization-url directly from cdn.skypack.dev, including types.

import { oauthAuthorizationUrl } from "https://cdn.skypack.dev/@octokit-next/oauth-next-authorization-url?dts";

For OAuth Apps

const { url, clientId, redirectUrl, login, scopes, state } =
  oauthAuthorizationUrl({
    clientType: "oauth-app",
    clientId: "1234567890abcdef1234",
    redirectUrl: "https://example.com",
    login: "octocat",
    scopes: ["repo", "admin:org"],
    state: "secret123",
  });

For GitHub Apps

const { url, clientId, redirectUrl, login, state } = oauthAuthorizationUrl({
  clientType: "github-app",
  clientId: "lv1.1234567890abcdef",
  redirectUrl: "https://example.com",
  login: "octocat",
  state: "secret123",
});

Options

name	description
`clientId`	Required. The client ID you received from GitHub when you registered.
`clientType`	Must be set to either `"oauth-app"` or `"github-app"`. Defaults to `"oauth-app"`.
`redirectUrl`	The URL in your application where users will be sent after authorization. See Redirect URLs in GitHub’s Developer Guide.
`login`	Suggests a specific account to use for signing in and authorizing the app.
`scopes`	Only relevant when `clientType` is set to `"oauth-app"`. An array of scope names (or: space-delimited list of scopes). If not provided, scope defaults to an empty list for users that have not authorized any scopes for the application. For users who have authorized scopes for the application, the user won't be shown the OAuth authorization page with the list of scopes. Instead, this step of the flow will automatically complete with the set of scopes the user has authorized for the application. For example, if a user has already performed the web flow twice and has authorized one token with user scope and another token with repo scope, a third web flow that does not provide a scope will receive a token with user and repo scope. Defaults to `[]` if `clientType` is set to `"oauth-app"`.
`state`	An unguessable random string. It is used to protect against cross-site request forgery attacks. Defaults to `Math.random().toString(36).substr(2)`.
`allowSignup`	Whether or not unauthenticated users will be offered an option to sign up for GitHub during the OAuth flow. Use `false` in the case that a policy prohibits signups. Defaults to `true`.
`baseUrl`	When using GitHub Enterprise Server, set the baseUrl to the origin, e.g. `https://github.my-enterprise.com`.

Result

oauthAuthorizationUrl() returns an object with the following properties

name	description
`allowSignup`	Returns `options.allowSignup` if it was set. Defaults to `true`.
`clientType`	Returns `options.clientType`. Defaults to `"oauth-app"`.
`clientId`	Returns `options.clientId`.
`login`	Returns `options.login` if it was set. Defaults to `null`.
`redirectUrl`	Returns `options.redirectUrl` if it was set. Defaults to `null`.
`scopes`	Only set if `options.clientType` is set to `"oauth-app"`. Returns an array of strings. Returns `options.scopes` if it was set and turns the string into an array if a string was passed, otherwise `[]`.
`state`	Returns `options.state` if it was set. Defaults to Defaults to `Math.random().toString(36).substr(2)`.
`url`	The authorization URL

Types

import {
  ClientType,
  OAuthAppOptions,
  OAuthAppResult,
  GitHubAppOptions,
  GitHubAppResult,
} from "@octokit-next/oauth-authorization-url";

License

MIT

Keywords

FAQs

What is @octokit-next/oauth-authorization-url?

Is @octokit-next/oauth-authorization-url well maintained?

Package last updated on 03 Apr 2024

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install