@octokit/oauth-login-url

oauth-login-url.js

Universal library to retrieve GitHub’s identity URL for the OAuth web flow

See GitHub’s Developer Guide for the OAuth web application flow.

Usage

Browsers

<script type="module">
  import { oauthLoginUrl } from 'https://unpkg.com/@octokit/oauth-login-url';

  // get login URL
  const { url } = oauthLoginUrl({
    clientId: '1234567890abcdef1234'
  })

  // redirect to login page
  location.href = url
</script>

Node

const { oauthLoginUrl } = require('@octokit/oauth-login-url')
// or: import { oauthLoginUrl } from '@octokit/oauth-login-url'

// get login URL
const { url } = oauthLoginUrl({
  clientId: '1234567890abcdef1234'
})

// do something with the url :)

Full usage example

const { 
  url,
  clientId,
  redirectUri,  
  login,
  scopes,
  state
} = oauthLoginUrl({
  clientId: '1234567890abcdef1234',
  redirectUri: 'https://example.com',
  login: 'octocat',
  scopes: ['repo', 'admin:org'],
  state: 'secret123',
  log: {
    warn (message) {
      myLogger.log(message, { level: 'warn' })
    }
  }
})

Override or set default options

const myLogin = login.defaults({
  baseUrl: 'https://github.my-enterprise.com',
  defaultRedirectUri: 'https://app.my-enterprise.com',
  client: '1234567890abcdef1234'
})

location.href = oauthLoginUrl().url

Options

name	description
clientId	Required. The client ID you received from GitHub when you registered.
redirectUri	The URL in your application where users will be sent after authorization. See Redirect URLs in GitHub’s Developer Guide.
login	Suggests a specific account to use for signing in and authorizing the app.
scopes	An array of scope names (or: space-delimited list of scopes). If not provided, scope defaults to an empty list for users that have not authorized any scopes for the application. For users who have authorized scopes for the application, the user won't be shown the OAuth authorization page with the list of scopes. Instead, this step of the flow will automatically complete with the set of scopes the user has authorized for the application. For example, if a user has already performed the web flow twice and has authorized one token with user scope and another token with repo scope, a third web flow that does not provide a scope will receive a token with user and repo scope.
state	An unguessable random string. It is used to protect against cross-site request forgery attacks. Defaults to Math.random().toString(36).substr(2).
allowSignup	Whether or not unauthenticated users will be offered an option to sign up for GitHub during the OAuth flow. The default is true. Use false in the case that a policy prohibits signups.
log	When invalid options are passed, warnings are logged using log.warn(message). Defaults to console.
baseUrl	When using GitHub Enterprise Server, set the baseUrl to the origin, e.g. https://github.my-enterprise.com/.
defaultRedirectUri	Set to the redirect URL as defined in your OAuth app. When a redirectUri is passed which does not include defaultRedirectUri, an error is thrown.

Result

oauthLoginUrl() returns an object with the following properties

name	description
allowSignup	Returns options.allowSignup if it was set. Defaults to true.
clientId	Returns options.clientId.
login	Returns options.login if it was set. Defaults to null.
redirectUri	Returns options.redirectUri if it was set. Defaults to options.defaultRedirectUri if it was set, otherwise null.
scopes	Always returns an array of strings. Returns options.scopes if it was set and turns the string into an array if a string was passed. Defaults to [].
state	Returns options.state if it was set. Defaults to Defaults to Math.random().toString(36).substr(2).
url	The authorization URL

License

MIT