Security News
npm Introduces minimumReleaseAge and Bulk OIDC Configuration
npm rolls out a package release cooldown and scalable trusted publishing updates as ecosystem adoption of install safeguards grows.
By Sarah Gooding - Feb 26, 2026
Latest Threat Research:SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains.Details →
@resonant/oauth-client
Advanced tools
@resonant/oauth-client
A TypeScript library for performing OAuth login to a Resonant server.
resonant-oauth-client
A TypeScript library for performing OAuth login to a Resonant server.
Description
This provides support for authenticating with Resonant servers, using the OAuth2.0 Authorization Code Grant with PKCE flow.
Usage
-
Install the library:
npm install @resonant/oauth-client -
Instantiate an
OauthClientwith your application-specific configuration:import OauthClient from '@resonant/oauth-client'; const oauthClient = new OauthClient( new URL(process.env.OAUTH_API_ROOT), // e.g. 'http://localhost:8000/oauth/' process.env.OAUTH_CLIENT_ID, // e.g. 'Qir0Aq7AKIsAkMDLQe9MEfORbHEBKsViNhAKJf1A' ); -
Call
redirectToLoginwhen it's time to start a login flow:document.querySelector('#sign-in-link').addEventListener('click', (event) => { event.preventDefault(); oauthClient.redirectToLogin(); // This will redirect away from the current page }); -
At the start of every page load, unconditionally call
maybeRestoreLogin, to attempt to restore a login state; this will no-op if no login is present. Afterwards, get and store HTTP headers for authentication fromauthHeaders.let authHeaders; oauthClient.maybeRestoreLogin() .then(() => { authHeaders = oauthClient.authHeaders; });or, if using ES6 and
async/await:await oauthClient.maybeRestoreLogin(); const { authHeaders } = oauthClient; -
Include these headers with every Ajax API request:
fetch('http://localhost:8000/api/files', { headers: authHeaders, }); -
The login state will persist across page refreshes. Call
logoutto clear any active login:document.querySelector('#sign-out-link').addEventListener('click', (event) => { event.preventDefault(); oauthClient.logout() .then(() => { authHeaders = oauthClient.authHeaders; }); });
Example app
This repository comes bundled with an example application. Run it with:
git clone https://github.com/kitware-resonant/resonant-oauth-client.git
npm install
npm run build
cd example
npm install
npm run serve
# Visit http://localhost:1234/
Development
To develop the library using the example app:
# From the root of the repository
npm install
npm run watch
In another terminal:
# From the root of the repository
cd example
npm install
npm run serve
FAQs
A TypeScript library for performing OAuth2 login to a Resonant server.
The npm package @resonant/oauth-client receives a total of 54 weekly downloads. As such, @resonant/oauth-client popularity was classified as not popular.
We found that @resonant/oauth-client demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 13 Aug 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Risky Biz Podcast: Open Source Risk Is Compounding as AI Agents Write 90% of New Code
AI agents are writing more code than ever, and that's creating new supply chain risks. Feross joins the Risky Business Podcast to break down what that means for open source security.
By Sarah Gooding - Feb 24, 2026
Research
/Security News
Four Malicious NuGet Packages Target ASP.NET Developers With JIT Hooking and Credential Exfiltration
Socket uncovered four malicious NuGet packages targeting ASP.NET apps, using a typosquatted dropper and localhost proxy to steal Identity data and backdoor apps.
By Kush Pandya - Feb 23, 2026