Socket
Socket
Sign inDemoInstall

arctic

Package Overview
Dependencies
37
Maintainers
1
Versions
49
Alerts
File Explorer

Advanced tools

npm Scripts
License

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 0.0.0 to 0.1.0

dist/index.d.ts
dist/index.js
dist/providers/apple.d.ts
dist/providers/apple.js
dist/providers/azure-ad.d.ts
dist/providers/azure-ad.js
dist/providers/discord.d.ts
dist/providers/discord.js
dist/providers/facebook.d.ts
dist/providers/facebook.js
dist/providers/github.d.ts
dist/providers/github.js
dist/providers/google.d.ts
dist/providers/google.js
dist/providers/line.d.ts
dist/providers/line.js
dist/providers/spotify.d.ts
dist/providers/spotify.js
dist/providers/twitch.d.ts
dist/providers/twitch.js
dist/providers/twitter.d.ts
dist/providers/twitter.js
dist/request.d.ts
dist/request.js

68

package.json
{
"name": "arctic",
"version": "0.0.0",
"description": "Database migration API for Knex",
"main": "./src",
"scripts": {
"lint": "standard",
"test": "npm run lint && babel-tape-runner test/*"
},
"type": "module",
"version": "0.1.0",
"description": "A collection of auth-related utilities",
"main": "dist/index.js",
"types": "dist/index.d.ts",
"module": "dist/index.js",
"files": [
"/dist/"
],
"author": "pilcrowOnPaper",
"license": "MIT",
"repository": {
"type": "git",
"url": "https://github.com/knex/arctic.git"
"url": "https://github.com/pilcrowOnPaper/oslo"
},
"keywords": [
"knex",
"migrations",
"database"
],
"author": "",
"license": "MIT",
"bugs": {
"url": "https://github.com/knex/arctic/issues"
},
"homepage": "https://github.com/knex/arctic",
"contributors": [
"Ben Drucker <bvdrucker@gmail.com> (http://bendrucker.me)",
"Tim Griesser <tgriesser10@gmail.com>"
],
"devDependencies": {
"babel": "~5.1.10",
"babel-tape-runner": "~1.1.0",
"blue-tape": "~0.1.8",
"isparta": "^2.2.0",
"knex": "~0.7.6",
"proxyquire": "^1.4.0",
"sinon": "^1.14.1",
"sinon-as-promised": "^2.0.3",
"sqlite3": "~3.0.5",
"standard": "bendrucker/standard#babel"
"@types/node": "^20.8.6",
"@typescript-eslint/eslint-plugin": "^6.7.5",
"@typescript-eslint/parser": "^6.7.5",
"eslint": "^8.51.0",
"prettier": "^3.0.3",
"typescript": "^5.2.2"
},
"dependencies": {
"bluebird": "^2.9.14",
"easydate": "^1.2.1",
"interpret": "~0.5.2",
"lodash.template": "^3.3.2",
"xtend": "^4.0.0"
"oslo": "0.19.0"
},
"standard": {
"ignore": [
"src/stubs/*"
]
"scripts": {
"build": "rm -rf dist/* && tsc",
"format": "prettier -w .",
"lint": "eslint src",
"test": "vitest run --sequence.concurrent"
}
}
}

223

README.md

@@ -1,2 +0,221 @@

# arctic
Database migration API for Knex
# `arctic`
Library for handling OAuth 2.0 with built-in providers. Light weight, fully-typed, runtime-agnostic. Built using [`oslo`](http://github.com/pilcrowonpaper/oslo). For a more flexible OAuth 2.0 client, see [`oslo/oauth2`](http://github.com/pilcrowonpaper/oslo).
```
npm install arctic
```
## Providers
- [Apple](#oauth-20)
- [Azure AD](#oauth-20-with-pkce-flow)
- [Discord](#oauth-20)
- [Facebook](#oauth-20)
- [Github](#oauth-20)
- [Google](#oauth-20)
- [LINE](#oauth-20)
- [Spotify](#oauth-20)
- [Twitch](#oauth-20)
- [Twitter](#oauth-20-with-pkce-flow)
## OAuth 2.0
Most providers require the `client_id` and `client_secret`. You may also optionally pass `scope`. For OIDC clients, `openid` and `profile` scope are always included.
```ts
import { Github } from "arctic";
const github = new Github(clientId, clientSecret, {
scope: ["user:email"] // etc
});
```
Some providers also require the redirect URI.
```ts
import { Google } from "arctic";
const redirectURI = "http://localhost:3000/login/google/callback";
const github = new Github(clientId, clientSecret, redirectURI);
```
### Create authorization URL
Generate state using `generateState()` and store it as a cookie. Use it to create an authorization URL with `createAuthorizationURL()` and redirect the user to it.
```ts
import { generateState } from "arctic";
const state = generateState();
const url = await github.createAuthorizationURL(state);
// store state as cookie
setCookie("state", state, {
secure: true, // set to false in localhost
path: "/",
httpOnly: true,
maxAge: 60 * 10 // 10 min
});
return redirect(url);
```
### Validate authorization code
Compare the state, and use `validateAuthorizationCode()` to validate the authorization code. This returns an object with an access token, and a refresh token if requested. If the code is invalid, it will throw an `AccessTokenRequestError`.
```ts
import { OAuth2RequestError } from "arctic";
const code = request.url.searchParams.get("code");
const state = request.url.searchParams.get("state");
const storedState = getCookie("state");
if (!code || !storedState || state !== storedState) {
// 400
throw new Error("Invalid request");
}
try {
const tokens = await github.validateAuthorizationCode(code);
} catch (e) {
if (e instanceof OAuth2RequestError) {
const { message, description, request } = e;
}
// unknown error
}
```
### Other
See also:
- [Get the current user](#get-the-current-user)
- [Refresh access tokens](#refresh-access-tokens)
## OAuth 2.0 with PKCE flow
Most providers require the `client_id` and `client_secret`. You may also optionally pass `scope`. For OIDC clients, `openid` and `profile` scope are always included.
```ts
import { Github } from "arctic";
const github = new Github(clientId, clientSecret, {
scope: ["user:email"] // etc
});
```
Some providers also require the redirect URI.
```ts
import { Google } from "arctic";
const redirectURI = "http://localhost:3000/login/google/callback";
const github = new Github(clientId, clientSecret, redirectURI);
```
### Create authorization URL
Generate state and code verifier using `generateState()` and `generateCodeVerifier()`, and store them as cookies. Use them to create an authorization URL with `createAuthorizationURL()` and redirect the user to it.
```ts
import { generateState, generateCodeVerifier } from "arctic";
const state = generateState();
const codeVerifier = generateCodeVerifier();
const url = await github.createAuthorizationURL(state, codeVerifier);
// store state and code verifier as cookie
setCookie("state", state, {
secure: true, // set to false in localhost
path: "/",
httpOnly: true,
maxAge: 60 * 10 // 10 min
});
setCookie("code_verifier", state, {
secure: true, // set to false in localhost
path: "/",
httpOnly: true,
maxAge: 60 * 10 // 10 min
});
return redirect(url);
```
### Validate authorization code
Compare the state, and use `validateAuthorizationCode()` to validate the authorization code with the code verifier. This returns an object with an access token, and a refresh token if requested. If the code is invalid, it will throw an `AccessTokenRequestError`.
```ts
import { OAuth2RequestError } from "arctic";
const code = request.url.searchParams.get("code");
const state = request.url.searchParams.get("state");
const codeVerifier = request.url.searchParams.get("code_verifier");
const storedState = getCookie("state");
if (!code || !codeVerifier || state !== storedState) {
// 400
throw new Error("Invalid request");
}
try {
const tokens = await github.validateAuthorizationCode(code, codeVerifier);
} catch (e) {
if (e instanceof OAuth2RequestError) {
// see https://oslo.js.org/reference/oauth2/OAuth2RequestError/
const { request, message, description } = e;
}
// unknown error
}
```
### Other
See also:
- [Get the current user](#get-the-current-user)
- [Refresh access tokens](#refresh-access-tokens)
## Other
### Get the current user
Some providers expose `getUser()` to get the current user from an access token. This will throw an `RequestError` if the access token is invalid.
```ts
import { RequestError } from "arctic";
try {
const user = await github.getUser(tokens.accessToken);
} catch (e) {
if (e instanceof RequestError) {
// get fetch Request and Response
const { request, response } = e;
}
// unknown error
}
```
### Refresh access tokens
Some providers expose `refreshAccessToken()` to get a new access token from a refresh token. This will throw an `OAuth2RequestError` if the refresh token is invalid.
```ts
import { OAuth2RequestError } from "arctic";
try {
const tokens = await google.refreshAccessToken(refreshToken);
} catch (e) {
if (e instanceof OAuth2RequestError) {
// see https://oslo.js.org/reference/oauth2/OAuth2RequestError/
const { request, message, description } = e;
}
// unknown error
}
```
.babelrc
.npmignore
.travis.yml
src/file.js
src/index.js
src/stubs/stub.coffee
src/stubs/stub.js
src/stubs/stub.ls
test/file.js
test/index.js
LICENSE

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc