Posted on
oauth2-server npm study
oauth2-server study
Installation & Document
Document https://oauth2-server.readthedocs.io/en/latest/
Example
const OAuth2Server = require(‘’)
Model
Each oauth2 server should contain Model. Model is something like interface to estalbish oauth2 server.
npm oauth2-server contains following functions. It contains mandatory / optional functions. If you don’t implement optional method, oauth2-server provide its default fucntion.
| Function | isMandatory | Description |
|---|---|---|
| generateAccessToken(client, user, scope, [callback]) | X | Generate a new token |
| generateRefreshToken(client, user, scope, [callback]) | X | Refresh a new token |
| generateAuthorizationCode(client, user, scope, [callback]) | X | Generate a new AuthorizationCode |
| getAccessToken(accessToken, [callback]) | O (if OAuth2Server#authenticate() is used) |
Retrieve saved token |
| getRefreshToken(refreshToken, [callback]) | O (if the refresh_token grant is used) |
Retrieve saved refresh token |
| getAuthorizationCode(authorizationCode, [callback]) | O (if the authorization_code grant is used) |
Retrieve saved authorizationCode |
| getClient(clientId, clientSecret, [callback]) | O (for all grant types) |
Retrieve a client |
| getUser(username, password, [callback]) | O (if the password grant is used) |
Retrieve a user |
| getUserFromClient(client, [callback]) | O (if the client_credentials grant is used) |
Retrieve user that associated with client |
| saveToken(token, client, user, [callback]) | O (for all grant types) |
Save access token |
| saveAuthorizationCode(code, client, user, [callback]) | O (if the authorization_code grant is used) |
Save authorizationCode |
| revokeToken(token, [callback]) | O (if the refresh_token grant is used) |
Revoke refresh token |
| revokeAuthorizationCode(code, [callback]) | O (if the authorization_code grant is used) |
Revoke authorizationCode |
| validateScope(user, client, scope, [callback]) | X | Check scope for a given client/user |
| verifyScope(accessToken, scope, [callback]) | O | Check scope for a given token |
OAuth 2.0 base knoledge
Grant type
Grant type means how to grant request for auth. There are several grant types, and these are basic grant types.
1. Authorization Code
2. Implicit
3. Password
4. Client Credentials
5. Device Code
6. Refresh Token
I used mongodb as storing various information (User, Client, Token, AUthCode)