Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

superagent-oauth2-client

Package Overview
Dependencies
Maintainers
1
Versions
14
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

superagent-oauth2-client

A superagent plugin for oauth2-client

  • 0.0.17
  • latest
  • Source
  • npm
  • Socket score

Version published
Maintainers
1
Created
Source

superagent-oauth2-client

Build Status Coverage Status

A superagent plugin for stressless OAuth2 token management using oauth2-client.

Installation

npm i --save superagent-oauth2-client

Usage

var superagent = require('superagent'),
    request = require('superagent-oauth2-client')(superagent),
    OAuth = require('oauth2-client-js');

// define a single oauth provider
// will use localstorage to save tokens
var provider = new OAuth.Provider({
    id: 'google',
    authorization_url: 'https://google.com/auth'
});

request
    .get('http://server.com')
    .oauth(provider, {
        redirect_uri: '...',
        client_id: 'client_id'
    })
    .exec()
    .then()      // business logic
    .catch();    // error handling

then will only be called when the original request was successful, no matter if the first or the second time.

catch may be called for varying reasons. We may have used a valid token, but the server responded with an error. Or we might just be about to redirect the user to the auth endpoint.

How does it work

.oauth() hides almost all the magic from you. What is this magic?

When you do a request it will first look if the provider has an access token. If it does, it will set it on the Authorization header and send the request. If it doesn’t, it will automatically redirect to the authorization_url (ie. window.location.href=xxx).

In the happy case the user logged in, gave its consent and will be redirected to the redirect_uri in your app. There is some manual work to do now, you have to parse the encoded response and react accordingly.

var response = provider.parse(window.location.href);

It it doesn’t throw an error, everything’s good now.

If there was an access token, but it’s considered invalid (=> server returns 401 status), .oauth will redirect the user to the auth endpoint again.

How to save application state

You can pass a function to exec() that will be passed the oauth access token request that’s about to be issued. There you can set arbitrary things in the metadata field. This will be again available after you the reponse was parsed successfully.

request
    ...
    .exec(function(req) {
        req.metadata.time = Date.now();
        req.metadata.currentRoute = window.location.path;
    })
    .then...

var response = provider.parse(window.location.href);
navigateTo(response.metadata.currentRoute);

License

Apache 2.0 as stated in the LICENSE.

Keywords

FAQs

Package last updated on 18 May 2015

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc