passport-oauth1

passport-oauth1

General-purpose OAuth 1.0 authentication strategy for Passport.

This module lets you authenticate using OAuth in your Node.js applications. By plugging into Passport, OAuth-based sign in can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.

Note that this strategy provides generic OAuth support. In many cases, a provider-specific strategy can be used instead, which cuts down on unnecessary configuration, and accommodates any provider-specific quirks. See the list for supported providers.

Developers who need to implement authentication against an OAuth provider that is not already supported are encouraged to sub-class this strategy. If you choose to open source the new provider-specific strategy, please add it to the list so other people can find it.

---

^{Advertisement}
Learn OAuth 2.0 - Get started as an API Security Expert
Just imagine what could happen to YOUR professional career if you had skills in OAuth > 8500 satisfied students

---

...

Install

$ npm install passport-oauth1

Usage

Configure Strategy

The OAuth authentication strategy authenticates users using a third-party account and OAuth tokens. The provider's OAuth endpoints, as well as the consumer key and secret, are specified as options. The strategy requires a verify callback, which receives a token and profile, and calls cb providing a user.

passport.use(new OAuth1Strategy({
    requestTokenURL: 'https://www.example.com/oauth/request_token',
    accessTokenURL: 'https://www.example.com/oauth/access_token',
    userAuthorizationURL: 'https://www.example.com/oauth/authorize',
    consumerKey: EXAMPLE_CONSUMER_KEY,
    consumerSecret: EXAMPLE_CONSUMER_SECRET,
    callbackURL: "http://127.0.0.1:3000/auth/example/callback",
    signatureMethod: "RSA-SHA1"
  },
  function(token, tokenSecret, profile, cb) {
    User.findOrCreate({ exampleId: profile.id }, function (err, user) {
      return cb(err, user);
    });
  }
));

Authenticate Requests

Use passport.authenticate(), specifying the 'oauth' strategy, to authenticate requests.

For example, as route middleware in an Express application:

app.get('/auth/example',
  passport.authenticate('oauth'));

app.get('/auth/example/callback', 
  passport.authenticate('oauth', { failureRedirect: '/login' }),
  function(req, res) {
    // Successful authentication, redirect home.
    res.redirect('/');
  });

Related Modules

• passport-oauth2 — OAuth 2.0 authentication strategy
• passport-http-oauth — OAuth authentication strategy for APIs
• oauthorize — OAuth service provider toolkit

Contributing

Tests

The test suite is located in the test/ directory. All new features are expected to have corresponding test cases. Ensure that the complete test suite passes by executing:

$ make test

Coverage

All new feature development is expected to have test coverage. Patches that increse test coverage are happily accepted. Coverage reports can be viewed by executing:

$ make test-cov
$ make view-cov

License

The MIT License

Copyright (c) 2011-2016 Jared Hanson <http://jaredhanson.net/>