1.0.3 • Published 9 years ago

oauth2-token-manager v1.0.3

Weekly downloads
1
License
MIT
Repository
github
Last release
9 years ago

Features

  • No assumptions about tokens storage type.
  • You can store arbitrary data assosiated with issued token.
  • Secret for authenticity verification. This may be a secret based on IP address and port.

Install

npm install oauth2-token-manager

Usage examples

Generate exchange code

tokenManager
	.generateExchangeCode('123|10.10.10.10|8888', 'www.abcd.com')
    .then(function(obj){
    	assert.ok(obj.accessToken);
    	assert.ok(obj.refreshToken);
    });

Exchange code for token

tokenManager
	.exchange(exchangeCode, redirectUri)
	.then(function(obj){
    	assert.ok(obj.accessToken);
		assert.ok(obj.refreshToken);
    });

Verify access token

tokenManager
	.verify(accessToken)
	.spread(function(result, userData){
    	assert.ok(result);
        // using userData
        ...
    });

Generate access token

tokenManager
	.generateAccessToken('123|10.10.10.10|8888')
	.then(function(obj){
    	assert.ok(obj.accessToken);
		assert.ok(obj.refreshToken);
    });

Refresh access token

tokenManager
	.refresh(obj.refreshToken)
    .then(function(obj){
    	assert.ok(obj.accessToken);
		assert.ok(obj.refreshToken);
    });

API reference

generateAccessToken(key, userData, secret)

Generate a token and store it associated with a key.

Params

  • key string - Uniq key associated with a token in storage. This may be "userId|IP|TCP port" string. A key will be hashed before serialization.
  • [userData] object - Data to serialize with a generated access token.
  • [secret] string - Data for source authenticity verification.

Returns: promise - A promise to return. TokenObject

generateExchangeCode(key, redirectUri, userData, secret)

Generate an exchange code and store it associated with a key.

Params

  • key string - Uniq key associated with a token in storage. This may be "userId|IP|TCP port" string. A key will be hashed before serialization.
  • redirectUri string - Redirect URI
  • [userData] object - Data to serialize with a generated exchange code.
  • [secret] string - Data for source authenticity verification.

Returns: promise - A promise to return an exchange code.

verify(token, secret)

Verify a token validity.

Params

  • token string - A accessToken to validate.
  • [secret] string - Data for source authenticity verification. This may be used to prevent of accessToken using from other IP. An accessToken had to be generated with the same secret.

Returns: promise - A promise to return true for a valid token, false for a not and an optional user data if deserialize callback supports it. Be sure to use the spread method like this spread(function(result, userData){}).

exchange(code, redirectUri, secret)

Exchange a code for a token.

Params

  • code string - A code to exchange for a token.
  • redirectUri string - This is the redirectUri that was passed to generateCode earlier.
  • [secret] string - Data for source authenticity verification. This has to be the same data that was passed to generateCode earlier.

Returns: promise - A promise to return TokenObject or null.

refresh(refreshToken, secret)

Refresh an accessToken.

Params

  • refreshToken string - A refreshToken to exchange for a new accessToken.
  • [secret] string - Data for source authenticity verification. This had to be the same data that was passed to generateAccessToken earlier.

Returns: promise - A promise to return TokenObject.

serialize(cb)

Set a function to serialize a token in storage.

Params

deserialize(cb)

Set a function to deserialize a token from storage.

Params

type: TokenObject

Properties

  • accessToken string
  • refreshToken string

Type: Object

type: StorageObject

Properties

  • code1 string - code1 serializeCallback parameter
  • code2 string - code2 serializeCallback parameter
  • createdAt string - createdAt serializeCallback parameter
  • expiresIn string - expiresIn serializeCallback parameter

Type: Object

callback: serializeCallback

Serialize an access token or an exchange code object in a storage.

Params

  • key string - Primary key for an object.
  • code1 string - An access token or null.
  • code2 string - A refresh token or an exchange code.
  • createdAt string - Time in seconds since epoch.
  • expiresIn string - Expiration time in seconds.
  • [userData] object - Additional user data.

Type: function
Returns: promise - A promise to store the object that contains code1, code2, createdAt and expiresIn parameters. The deffered must be resolved with true value on success.

callback: deserializeCallback

Deserialize an access token or an exchange code object from a storage.

Params

  • key string - key serializeCallback parameter.

Type: function
Returns: promise - A promise to return StorageObject.

oauth2tokenmanagegenerateverifyrefreshexchange
crypto-liteunderscoreq
@infinitebrahmanuniverse/nolb-oa@everything-registry/sub-chunk-2363
1.0.3

9 years ago

1.0.1

9 years ago

1.0.0

9 years ago