What is @octokit/oauth-authorization-url?
@octokit/oauth-authorization-url is a package that helps you generate OAuth authorization URLs for GitHub. This is useful for applications that need to authenticate users via GitHub and obtain an OAuth token for accessing GitHub APIs on behalf of the user.
What are @octokit/oauth-authorization-url's main functionalities?
Generate OAuth Authorization URL
This feature allows you to generate an OAuth authorization URL that you can redirect users to. The URL includes the necessary query parameters such as client ID, scopes, and state.
const { OAuthApp } = require('@octokit/oauth-authorization-url');
const app = new OAuthApp({
clientId: 'your-client-id',
clientSecret: 'your-client-secret'
});
const url = app.getAuthorizationUrl({
scopes: ['repo', 'user'],
state: 'random-string'
});
console.log(url);
Other packages similar to @octokit/oauth-authorization-url
passport-github
passport-github is a Passport strategy for authenticating with GitHub using the OAuth 2.0 API. It is more comprehensive as it integrates with the Passport.js authentication middleware, providing a complete solution for GitHub authentication.
simple-oauth2
simple-oauth2 is a library that provides a simple and consistent way to handle OAuth 2.0 authorization flows. It is more generic and can be used with various OAuth 2.0 providers, not just GitHub.
node-oauth2-server
node-oauth2-server is a complete, framework-agnostic module for implementing OAuth 2.0 servers. It is more complex and provides a full-fledged OAuth 2.0 server implementation, which is useful if you need to manage OAuth tokens and authorization flows on your own server.
oauth-authorization-url.js
Universal library to retrieve GitHub’s identity URL for the OAuth web flow
See GitHub’s Developer Guide for the OAuth web application flow.
Usage
Browsers
|
Load @octokit/oauth-authorization-url directly from cdn.pika.dev
<script type="module">
import { oauthLoginUrl } from "https://cdn.pika.dev/@octokit/oauth-authorization-url";
</script>
|
---|
Node
|
Install with npm install @octokit/oauth-authorization-url
const { oauthLoginUrl } = require("@octokit/oauth-authorization-url");
|
---|
const { url, clientId, redirectUri, login, scopes, state } = oauthLoginUrl({
clientId: "1234567890abcdef1234",
redirectUri: "https://example.com",
login: "octocat",
scopes: ["repo", "admin:org"],
state: "secret123",
log: {
warn(message) {
myLogger.log(message, { level: "warn" });
}
}
});
Override or set default options
const myLogin = login.defaults({
baseUrl: "https://github.my-enterprise.com",
defaultRedirectUri: "https://app.my-enterprise.com",
client: "1234567890abcdef1234"
});
location.href = oauthLoginUrl().url;
Options
name
|
description
|
---|
clientId
|
Required. The client ID you received from GitHub when you registered.
|
---|
redirectUri
|
The URL in your application where users will be sent after authorization. See Redirect URLs in GitHub’s Developer Guide.
|
---|
login
|
Suggests a specific account to use for signing in and authorizing the app.
|
---|
scopes
|
An array of scope names (or: space-delimited list of scopes). If not provided, scope defaults to an empty list for users that have not authorized any scopes for the application. For users who have authorized scopes for the application, the user won't be shown the OAuth authorization page with the list of scopes. Instead, this step of the flow will automatically complete with the set of scopes the user has authorized for the application. For example, if a user has already performed the web flow twice and has authorized one token with user scope and another token with repo scope, a third web flow that does not provide a scope will receive a token with user and repo scope.
|
---|
state
|
An unguessable random string. It is used to protect against cross-site request forgery attacks.
Defaults to Math.random().toString(36).substr(2) .
|
---|
allowSignup
|
Whether or not unauthenticated users will be offered an option to sign up for GitHub during the OAuth flow. The default is true . Use false in the case that a policy prohibits signups.
|
---|
log
|
When invalid options are passed, warnings are logged using log.warn(message) . Defaults to console .
|
---|
baseUrl
|
When using GitHub Enterprise Server, set the baseUrl to the origin, e.g. https://github.my-enterprise.com/ .
|
---|
defaultRedirectUri
|
Set to the redirect URL as defined in your OAuth app. When a redirectUri is passed which does not include defaultRedirectUri , an error is thrown.
|
---|
Result
oauthLoginUrl()
returns an object with the following properties
name
|
description
|
---|
allowSignup
|
Returns options.allowSignup if it was set. Defaults to true .
|
---|
clientId
|
Returns options.clientId .
|
---|
login
|
Returns options.login if it was set. Defaults to null .
|
---|
redirectUri
|
Returns options.redirectUri if it was set. Defaults to options.defaultRedirectUri if it was set, otherwise null .
|
---|
scopes
|
Always returns an array of strings. Returns options.scopes if it was set and turns the string into an array if a string was passed. Defaults to [] .
|
---|
state
|
Returns options.state if it was set. Defaults to Defaults to Math.random().toString(36).substr(2) .
|
---|
url
|
The authorization URL
|
---|
License
MIT