1.0.0 • Published 2 months ago

integreat-authenticator-oauth2 v1.0.0

Weekly downloads
7
License
ISC
Repository
github
Last release
2 months ago

OAuth 2.0 authenticator for Integreat

Makes Integreat handle authentication with an OAuth 2.0 service. Supports three grant types: client credentials, refresh token, and assertion with self-signed JWT token.

npm Version Build Status Coverage Status Maintainability

Getting started

Prerequisits

Requires node v10 and Integreat v0.7.

Installing and using

Install from npm:

npm install integreat-authenticator-oauth2

Example setup with refresh token grant type:

import integreat from 'integreat'
import oauth2 from 'integreat-authenticator-oauth2')

const defs = {
  auths: {
    id: 'service-oauth2',
    authenticator: 'oauth2',
    options: {
      grantType: 'refreshToken',
      uri: 'https://api.service.test/oauth/v1/token',
      key: 'client1',
      secret: 's3cr3t,
      redirectUri: 'https://service.test/cb,
      refreshToken: 't0k3n',
    }
  },
  schemas: [ /* your schemas */ ],
  services: [
    {
      id: 'service-with-oauth2',
      adapter: 'json',
      auth: 'service-oauth2',
      endpoints: [ /* your endpoints */ ],
      mappings: { /* your mapping */ },
    },
  ],
}

const resources = integreat.mergeResources(
  integreat.resources(),
  oauth2,
  { /* your other resources */ },
)

const great = integreat(defs, resources)

An auth def with the client credentials grant type could look like this:

const def = {
  auths: {
    id: 'service-oauth2',
    authenticator: 'oauth2',
    options: {
      grantType: 'clientCredential',
      uri: 'https://api.service.test/oauth/v1/token',
      key: 'client1',
      secret: 's3cr3t',
    },
  },
}

An auth def with the client credentials grant type could look like this:

const def = {
  auths: {
    id: 'service-oauth2',
    authenticator: 'oauth2',
    options: {
      grantType: 'jwtAssertion',
      uri: 'https://api.service.test/oauth/v1/token',
      key: 'client1',
      secret: privateKey, // In case of RS256, this needs to be the complete private key file
      scope: 'all',
      audience: 'https://api.service.test/oauth/v1/token',
      algorithm: 'RS256',
      expiresIn: 3600,
    },
  },
}

All grant types may include a scope options, which is a space delimited string of scope keywords, defined by the targeted service.

For version 0.2.2 only: Provide a custom authentication header type with the type option. Default is 'Bearer'. Set to null to have no type. Will be properly implemented in a later version.

Running the tests

The tests can be run with npm test.

Contributing

Please read CONTRIBUTING for details on our code of conduct, and the process for submitting pull requests.

License

This project is licensed under the ISC License - see the LICENSE file for details.

integreatoauth2authentication
@types/jsonwebtokenintegreat-adapter-formjsonwebtoken
@infinitebrahmanuniverse/nolb-integ@everything-registry/sub-chunk-1920@zalastax/nolb-integ
0.2.2

2 months ago

1.0.0

8 months ago

0.3.0

3 years ago

0.2.1

3 years ago

0.2.0

4 years ago

0.1.3

5 years ago

0.1.2

5 years ago

0.1.1

5 years ago

0.1.0

5 years ago