oauth2-implicit v0.7.0
:toc: macro :toc-title: :toclevels: 99
oauth2-implicit
image:https://travis-ci.org/jasonkuhrt/oauth2-implicit.svg?branch=master["Build Status", link="https://travis-ci.org/jasonkuhrt/oauth2-implicit"]
![https://travis-ci.org/jasonkuhrt/oauth2-implicit.svg?branch=master["Build](https://travis-ci.org/jasonkuhrt/oauth2-implicit.svg?branch=master["Build){kind=link}
toc::[]
Installation
npm --save install oauth2-implicitExample
import authorize from 'oauth2-implicit'
const credentials = authorize({
auth_uri: 'https://littlebitscloud.cc/oauth/authorize'
client_id: 'cloudbit-visualizer',
scope: ['read'],
state: {
location: window.location
},
})API
run default
run :: Options -> CredentialsConvenience function that orchestrates <<start, start>>/<<finish, finish>>.
Options
See <<start-options, start docs>>.
Credentials
See <<finish-credentials, finish docs >>.
start
start :: Options -> NullMake an Implicit Grant Flow request to the Authorization Service. This function navigates the User away from Client and to the Authorization Service. Use <<finish, finish>> to handle the redirect back to Client from Authorization Service.
Options
auth_uri :: String
client_id :: String
-- Optional Fields
scope :: [String]
redirect_uri :: String
state :: {*}Configure aspects of the Implicit Grant Flow.
auth_uri :: String
The location of the Authorization Service that the Client will run the flow against.
client_id :: String
The unique identification for this Client. The Authorization Service requires this information from clients trying to run this flow. Every Client who has beforehand registered with the Authorization Service should have this information (it is created during registration time).
scope :: [String]
The scope that Client will use in its request to Authorization Server.
Scopes will be joined by + when serialized into the query params. Authorization servers should accept this format (DoorKeeper ruby does) but please open an issue if you discover otherwise.
redirect_uri :: String optional
The location that Client would like Authorization Service to finish the flow at. The given value must match a URI that was provided to the Authorization Service at registration time.
Defaults to the current protocol plus host (which is what you usually want), examples:
options="header"
|===
| Current Location | Inferred redirect_uri
| http://foo.bar.io:8000/qux#wux | http:/foo.bar.io:8000
| https://foo.bar.io?lop=mop | https://foo.bar.io
|===
state :: {*} optional
Arbitrary Client data that Authorization Server will pass back to Client in the response phase (redirect to the redirect_uri). For details on state see the link:http://tools.ietf.org/html/rfc6749#section-4.1.1[specification].
finish
finish :: -> Credentials | NullClear the credentials from the URI Hash (as put there by the Authorization Service during redirection) and return them.
If no credentials are found null is returned instead.
Credentials
accessToken :: String
tokenType :: String
expiresIn :: Number | Null
scope :: [String]
state :: {*}Notes
This library is designed in accordance with Implicit Grant flow as specified in the link:http://tools.ietf.org/html/rfc6749#section-4.2[OAuth2 specification (RFC 6749)].