Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

simple-oauth2

Package Overview
Dependencies
Maintainers
2
Versions
53
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

simple-oauth2

Node.js client for OAuth2

  • 1.4.0
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
197K
decreased by-7.62%
Maintainers
2
Weekly downloads
 
Created

What is simple-oauth2?

The simple-oauth2 npm package is a straightforward and flexible library for implementing OAuth2 authentication in Node.js applications. It provides a simple API to handle the OAuth2 authorization flows, including obtaining access tokens, refreshing tokens, and revoking tokens.

What are simple-oauth2's main functionalities?

Authorization Code Flow

This feature allows you to generate an authorization URL for the Authorization Code Flow. Users can visit this URL to authorize your application and obtain an authorization code.

const { AuthorizationCode } = require('simple-oauth2');

const client = new AuthorizationCode({
  client: {
    id: 'your-client-id',
    secret: 'your-client-secret',
  },
  auth: {
    tokenHost: 'https://authorization-server.com',
    tokenPath: '/oauth/token',
    authorizePath: '/oauth/authorize',
  },
});

const authorizationUri = client.authorizeURL({
  redirect_uri: 'http://localhost:3000/callback',
  scope: 'user_profile',
  state: 'random-string',
});

console.log('Visit this URL to authorize:', authorizationUri);

Obtaining Access Token

This feature allows you to exchange an authorization code for an access token. The access token can then be used to access protected resources on behalf of the user.

const tokenParams = {
  code: 'authorization-code',
  redirect_uri: 'http://localhost:3000/callback',
  scope: 'user_profile',
};

client.getToken(tokenParams)
  .then((result) => {
    const accessToken = client.createToken(result);
    console.log('Access Token:', accessToken.token);
  })
  .catch((error) => {
    console.error('Access Token Error', error.message);
  });

Refreshing Access Token

This feature allows you to refresh an expired access token using a refresh token. The new access token can then be used to continue accessing protected resources.

const token = client.createToken({
  access_token: 'existing-access-token',
  refresh_token: 'existing-refresh-token',
  expires_in: '3600',
});

token.refresh()
  .then((result) => {
    const refreshedToken = client.createToken(result);
    console.log('Refreshed Token:', refreshedToken.token);
  })
  .catch((error) => {
    console.error('Refresh Token Error', error.message);
  });

Revoking Access Token

This feature allows you to revoke an access token, making it invalid for further use. This is useful for logging out users or invalidating tokens for security reasons.

const token = client.createToken({
  access_token: 'existing-access-token',
  refresh_token: 'existing-refresh-token',
  expires_in: '3600',
});

token.revoke('access_token')
  .then(() => {
    console.log('Access Token Revoked');
  })
  .catch((error) => {
    console.error('Revoke Token Error', error.message);
  });

Other packages similar to simple-oauth2

FAQs

Package last updated on 04 Nov 2017

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc