Gitroom - Libraries

@node-oauth/oauth2-server

0

The unofficial successor to oauthjs/oauth2-server. Complete, compliant, maintained and well tested OAuth2 Server for node.js. Includes native async await and PKCE.

Security

oauth2
nodejs
node
oauth

@node-oauth/oauth2-server

Complete, compliant and well tested module for implementing an OAuth2 server in Node.js.

Tests CodeQL Semantic Analysis Tests for Release Documentation Status Project Status: Active – The project has reached a stable, usable state and is being actively developed. npm Version npm Downloads/Week GitHub License

NOTE: This project has been forked from oauthjs/node-oauth2-server and is a continuation due to the project appearing to be abandoned. Please see our issue board to talk about next steps and the future of this project.

Installation

npm install @node-oauth/oauth2-server

The @node-oauth/oauth2-server module is framework-agnostic but there are several officially supported wrappers available for popular HTTP server frameworks such as Express and Koa (not maintained by us). If you're using one of those frameworks it is strongly recommended to use the respective wrapper module instead of rolling your own.

Features

  • Supports authorization_code, client_credentials, refresh_token and password grant, as well as extension grants, with scopes.
  • Can be used with promises, ES6 generators and async/await (using Babel).
  • Fully RFC 6749 and RFC 6750 compliant.
  • Implicitly supports any form of storage, e.g. PostgreSQL, MySQL, MongoDB, Redis, etc.
  • Support for PKCE
  • Complete test suite.

Documentation

Documentation is hosted on Read the Docs. We have multiple versions of the docs available:

Please leave an issue if something is confusing or missing in the docs.

Examples

Most users should refer to our Express (active) or Koa (not maintained by us) examples.

More examples can be found here: https://github.com/14gasher/oauth-example

Version 5 notes

Beginning with version 5.x we removed dual support for callbacks and promises. With this version there is only support for Promises / async/await.

With this version we also bumped the engine to Node 16 as 14 is now deprecated.

Migrating from OAuthJs and 3.x

Version 4.x should not be hard-breaking, however, there were many improvements and fixes that may be incompatible with specific behaviour in <= 3.x

For more info, please read the changelog or open an issue, if you think something is unexpectedly not working.

Supported NodeJs versions

This project supports the node versions along the NodeJS LTS releases, focusing on

  • Maintenance LTS
  • Active LTS
  • Current

Contributing to this project

Please read our contribution guide before taking actions. In any case, please open an issue before opening a pull request to find out whether your intended contribution will actually have a chance to be merged.