Socket
Socket
Sign inDemoInstall

passport-oauth1

Package Overview
Dependencies
3
Maintainers
1
Versions
5
Alerts
File Explorer

Advanced tools

Install Socket

Protect your apps from supply chain attacks

Install

passport-oauth1

OAuth 1.0 authentication strategy for Passport.

    1.3.0latest
    GitHub
    npm

Version published
Maintainers
1
Weekly downloads
202,061
decreased by-4.57%

Weekly downloads

Changelog

Source

[1.3.0] - 2023-03-01

Added

  • callbackURL property added to metadata passed to request token store.

Readme

Source

passport-oauth1

General-purpose OAuth 1.0 authentication strategy for Passport.

This module lets you authenticate using OAuth in your Node.js applications. By plugging into Passport, OAuth-based sign in can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.

Note that this strategy provides generic OAuth support. In many cases, a provider-specific strategy can be used instead, which cuts down on unnecessary configuration, and accommodates any provider-specific quirks. See the list for supported providers.

Developers who need to implement authentication against an OAuth provider that is not already supported are encouraged to sub-class this strategy. If you choose to open source the new provider-specific strategy, please add it to the list so other people can find it.

:heart: Sponsors


Advertisement
Learn OAuth 2.0 - Get started as an API Security Expert
Just imagine what could happen to YOUR professional career if you had skills in OAuth > 8500 satisfied students


npm build coverage ...

Install

$ npm install passport-oauth1

Usage

Configure Strategy

The OAuth authentication strategy authenticates users using a third-party account and OAuth tokens. The provider's OAuth endpoints, as well as the consumer key and secret, are specified as options. The strategy requires a verify callback, which receives a token and profile, and calls cb providing a user.

passport.use(new OAuth1Strategy({
    requestTokenURL: 'https://www.example.com/oauth/request_token',
    accessTokenURL: 'https://www.example.com/oauth/access_token',
    userAuthorizationURL: 'https://www.example.com/oauth/authorize',
    consumerKey: EXAMPLE_CONSUMER_KEY,
    consumerSecret: EXAMPLE_CONSUMER_SECRET,
    callbackURL: "http://127.0.0.1:3000/auth/example/callback",
    signatureMethod: "RSA-SHA1"
  },
  function(token, tokenSecret, profile, cb) {
    User.findOrCreate({ exampleId: profile.id }, function (err, user) {
      return cb(err, user);
    });
  }
));
Authenticate Requests

Use passport.authenticate(), specifying the 'oauth' strategy, to authenticate requests.

For example, as route middleware in an Express application:

app.get('/auth/example',
  passport.authenticate('oauth'));

app.get('/auth/example/callback', 
  passport.authenticate('oauth', { failureRedirect: '/login' }),
  function(req, res) {
    // Successful authentication, redirect home.
    res.redirect('/');
  });

Contributing

Tests

The test suite is located in the test/ directory. All new features are expected to have corresponding test cases. Ensure that the complete test suite passes by executing:

$ make test
Coverage

All new feature development is expected to have test coverage. Patches that increse test coverage are happily accepted. Coverage reports can be viewed by executing:

$ make test-cov
$ make view-cov

License

The MIT License

Copyright (c) 2011-2016 Jared Hanson <http://jaredhanson.net/>

Keywords

FAQs

Last updated on 01 Mar 2023

Did you know?

Socket installs a GitHub app to automatically flag issues on every pull request and report the health of your dependencies. Find out what is inside your node modules and prevent malicious activity before you update the dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc