![Deno 2.2 Improves Dependency Management and Expands Node.js Compatibility](https://cdn.sanity.io/images/cgdhsj6q/production/97774ea8c88cc8f4bed2766c31994ebc38116948-1664x1366.png?w=400&fit=max&auto=format)
Security News
Deno 2.2 Improves Dependency Management and Expands Node.js Compatibility
Deno 2.2 enhances Node.js compatibility, improves dependency management, adds OpenTelemetry support, and expands linting and task automation for developers.
mixdown-oauth
Advanced tools
OAuth library and mixdown plugin. Facilitates communication between browsers and OAuth providers. Wraps node-oauth and provides Google and Facebook flavors out of the box.
Install with npm install mixdown-oauth
.
Run tests with npm test
.
See a basic example site with node examples/example.js
.
Just require, configure and use.
Here's a simple example configured against Google.
var GoogleOAuth = require('mixdown-oauth').GoogleOAuth;
var oauth = new GoogleOAuth({
clientSecret: 'v75vSYduofxAu1nizreK4HUT', // your app's client secret
clientId: '527660584577.apps.googleusercontent.com', // your app's client id
callbackUrl: 'http://localhost:8080/oauth2callback' // callback URL from oauth provider
});
You can also configure against any provider which implements OAuth 2. The above could also be implemented as follows:
var OAuth = require('mixdown-oauth').OAuth;
var oauth = new OAuth({
clientSecret: 'v75vSYduofxAu1nizreK4HUT',
clientId: '527660584577.apps.googleusercontent.com',
callbackUrl: 'http://localhost:8080/oauth2callback',
authorizePath: 'https://accounts.google.com/o/oauth2/auth',
accessTokenPath: 'https://accounts.google.com/o/oauth2/token',
scope: 'openid profile'
});
Once initialized, you can generate an authentication URL. This will take you to the provider's login page where the user can grant permissions to your app.
var authUrl = oauth.getAuthUrl();
When they accept, they'll be redirected back to the callback URL you provided in the config. You need to listen to requests on that URL, but can pass them to the OAuth library to handle them.
var http = require('http');
var url = require('url');
http.createServer(function (req, req) {
var parsedUrl = url.parse(req.url, true);
if (parsedUrl.pathname === '/oauth2callback') {
// oauth response is passed back from the provider on the query, just pass that along
oauth.handleAuthCallback(parsedUrl.query, function (error, response) {
if (error) {
// something went wrong - possibly the login failed or the user rejected it.
res.writeHead(401, {'content-type': 'text/plain})
res.end(error.stack);
}
else {
/* logged in - you can use the session data to make calls against the oauth
* provider's API or use it to maintain a local session
*/
res.writeHead(200, {'content-type': 'application/json'});
res.end(JSON.stringify(response));
}
});
}
else {
// other stuff
}
}).listen(8080);
As a mixdown plugin, just point to any of the plugin exports as a module and include your options. Options are the same as the library, with the addition of a required provider
option, which indicates the attachment point under the OAuth namespace. This allows you to configure multiple OAuth providers or override them if necessary.
{
"plugins": {
"myOauthProvider": {
"module": "mixdown-oauth#Plugin",
"options": {
"provider": "google",
"clientSecret": "v75vSYduofxAu1nizreK4HUT",
"clientId": "527660584577.apps.googleusercontent.com",
"callbackUrl": "http://localhost:8080/oauth2callback",
"authorizePath": "https://accounts.google.com/o/oauth2/auth",
"accessTokenPath": "https://accounts.google.com/o/oauth2/token",
"scope": "openid profile"
}
},
}
}
The usual methods will be available on app.plugins.oauth.google
.
This should also work as a broadway plugin, but that is untested.
###OAuth(options)
Build a new OAuth instance against a provider.
options.clientId
client IDoptions.clientSecret
client secretoptions.authorizePath
authorization pathoptions.accessTokenPath
access token pathoptions.callbackUrl
callback URLoptions.scope
requested permissionsGet the authorization URL for the provider.
params
Optional, overrides for base options on this request. Currently only supports overriding options.scope
Used to parse the callback response upon login. Call this from your callback handler.
params
Generally, you should just pass the parsed query from the request to the callback URL as this parameter. See usage/examples.callback(error, response)
Callback function. error
if the authentication failed, otherwise the response data as an object (after passed through parseResponse
).This is an interface to inject modifications to the OAuth provider's response. Override this for custom logic and return the parsed results.
response
object returned from OAuth provider.This is an interface to get user profile information from the OAuth provider. If called without being overridden, it will throw an error. However, it is implemented on the Facebook and Google variants.
This should standardize the user's ID, first name, last name to id
, first_name
, last_name
and email
.
FAQs
OAuth libraries and plugins for mixdown/broadway
The npm package mixdown-oauth receives a total of 1 weekly downloads. As such, mixdown-oauth popularity was classified as not popular.
We found that mixdown-oauth demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Deno 2.2 enhances Node.js compatibility, improves dependency management, adds OpenTelemetry support, and expands linting and task automation for developers.
Security News
React's CRA deprecation announcement sparked community criticism over framework recommendations, leading to quick updates acknowledging build tools like Vite as valid alternatives.
Security News
Ransomware payment rates hit an all-time low in 2024 as law enforcement crackdowns, stronger defenses, and shifting policies make attacks riskier and less profitable.