{"id":16726365,"url":"https://github.com/cmd-johnson/oauth-rest-client","last_synced_at":"2025-03-15T15:24:50.944Z","repository":{"id":31557307,"uuid":"35122018","full_name":"cmd-johnson/oauth-rest-client","owner":"cmd-johnson","description":"Helps you access oAuth 2.0 authenticated REST-APIs","archived":false,"fork":false,"pushed_at":"2015-05-08T08:10:28.000Z","size":516,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-01-22T05:28:35.462Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cmd-johnson.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-05-05T20:22:58.000Z","updated_at":"2015-08-08T14:30:57.000Z","dependencies_parsed_at":"2022-09-08T12:20:55.657Z","dependency_job_id":null,"html_url":"https://github.com/cmd-johnson/oauth-rest-client","commit_stats":null,"previous_names":["cmd-johnson/rest-oauth-client"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cmd-johnson%2Foauth-rest-client","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cmd-johnson%2Foauth-rest-client/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cmd-johnson%2Foauth-rest-client/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cmd-johnson%2Foauth-rest-client/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cmd-johnson","download_url":"https://codeload.github.com/cmd-johnson/oauth-rest-client/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243747735,"owners_count":20341555,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-12T22:52:58.945Z","updated_at":"2025-03-15T15:24:50.920Z","avatar_url":"https://github.com/cmd-johnson.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Rest-OAuth-Client\nHelps you access OAuth 2.0 authenticated REST-APIs.\n\n## Features\nFor the time being, this module only supports the *access-code* authorization grant.\nSupport for additional grant types is planned, especially automated refresh-token\nusage, meaning if a call fails due to an expired access-token, the refresh-token\nwill automatically be used to get a new access-token. Only if that request fails\nor the user doesn't have a refresh token, the error will be forwarded to your\napplication.\n\nAnother feature on the roadmap is HATEOAS support, providing you a simple interface\nto traverse and explore HATEOAS compliant REST-APIs. In order to do that, I'll also\nadd JSON (and later XML) support, so you don't have to do all the parsing on your own.\n\ntheir SSO service, however, I'll add some proper tests later on.\nI (manually) tested the module against the EVE-Online CREST-API in combination with\n\n## Basic Usage\nMost commonly you'll want to use this library in combination with express. However,\nit doesn't depend on anything only provided by express (except a single redirection,\nI'll change that behavior later to completely decouple this module from express),\nso you can use it with whatever you like.\nThe example uses the express module to set up a simple server that accesses an\nOAuth 2.0 authenticated REST-API that produces JSON responses, as well as\nexpress-session and cookie-parser to save the access-tokens.\n\nFor a \"visual\" description of the OAuth 2.0 authorization-code flow, please refer to\n[RFC-6749](http://tools.ietf.org/html/rfc6749#section-4.1). I added comments\nreferencing to the steps described in that document (A through E), so you can get a\nbetter view of whats going on here.\n\n```javascript\n// import used modules\nvar express = require('express');\nvar cookieParser = require('cookie-parser');\nvar session = require('express-session');\nvar OauthRestClient = require('oauth-rest-client');\n\n// set up our server\nvar app = express();\napp.use(cookieParser());\napp.use(session({\n\tsecret: 'pssssst!'\n}));\n\n// initialize the client \nvar client = new OauthRestClient({\n\t// the unique id of your client\n\tclientId: 'clientId',\n\t// your client's secret\n\tclientSecret: 'secret',\n\t// the url to redirect the user to when logging in\n\tloginUrl: 'https://somewebsite.io/oauth2/login',\n\t// the url to send the authentication token to in order\n\t// to get the access and refresh tokens\n\ttokenUrl: 'https://somewebsite.io/oauth2/token',\n\t// the url that the login page should redirect back to\n\tcallbackUrl: 'http://localhost:3000/oauth2/callback'\n});\n\n/* (A) */\n// redirect the user to the oauth service login page\napp.get('/sso/login', function(req, res, next) {\n\tclient.redirectToLogin(res, {\n\t\tresponse_type: 'code',\n\t\t// the scope parameter to set when redirecting the\n\t\t// user to the login page of the oauth server\n\t\tscope: '',\n\t\t// optional, but recommended, see\n\t\t// http://www.thread-safe.com/2014/05/the-correct-use-of-state-parameter-in.html \n\t\tstate: ''\n\t});\n});\n\n/* (B) */\n// only on user-agent side, nothing to do here!\n\n/* (C) */\n// the user returns with the authorization code in the address bar\napp.get('/oauth2/callback', function(req, res) {\n\t/* (D) */\n\t// we request the access- and (optional) refresh-tokens\n\tvar urlOptions = {\n\t\theaders: {\n\t\t\t// add some custom headers\n\t\t\t'Authorization': 'Basic i2o...rEg='\n\t\t}\n\t};\n\t// values added to the url request object\n\tclient.requestTokens(req.query.code, urlOptions, function(err, tokens) {\n\t\t/* (E) */\n\t\t// do something with the returned tokens (i.e. save them or something)\n\t\tif (err) {\n\t\t\treturn; // do some error handling!\n\t\t}\n\t\treq.session.oauthTokens = tokens;\n\t\t// now you're free to do whatever you like!\n\t\tres.send('Login successful!');\n\t});\n});\n\n// make an authenticated request\napp.get('/api/info', function(req, res) {\n\tclient.request('get', 'https://somewebsite.io/api/whoami', req.session.oauthTokens,\n\t\t\tfunction(err, response, body) {\n\t\t\t\tif (err) return; // error handling\n\t\t\t\tres.send(JSON.parse(body).userName);\n\t\t\t});\n});\n\n// start our server!\napp.listen(3000);\n```\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcmd-johnson%2Foauth-rest-client","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcmd-johnson%2Foauth-rest-client","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcmd-johnson%2Foauth-rest-client/lists"}