{"id":13554875,"url":"https://github.com/havard/node-openid","last_synced_at":"2025-04-03T07:33:05.720Z","repository":{"id":1292460,"uuid":"1233748","full_name":"havard/node-openid","owner":"havard","description":"OpenID for Node.js","archived":false,"fork":false,"pushed_at":"2024-03-17T11:27:20.000Z","size":546,"stargazers_count":291,"open_issues_count":5,"forks_count":101,"subscribers_count":8,"default_branch":"master","last_synced_at":"2024-04-04T10:02:25.946Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/havard.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2011-01-08T21:36:11.000Z","updated_at":"2024-06-11T14:52:19.468Z","dependencies_parsed_at":"2024-06-11T15:12:07.259Z","dependency_job_id":null,"html_url":"https://github.com/havard/node-openid","commit_stats":{"total_commits":211,"total_committers":37,"mean_commits":5.702702702702703,"dds":0.3886255924170616,"last_synced_commit":"672ea6e1b25e96c4a8e4f9deb74d38487c85ac32"},"previous_names":[],"tags_count":48,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/havard%2Fnode-openid","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/havard%2Fnode-openid/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/havard%2Fnode-openid/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/havard%2Fnode-openid/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/havard","download_url":"https://codeload.github.com/havard/node-openid/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246956955,"owners_count":20860543,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T12:02:56.875Z","updated_at":"2025-04-03T07:33:05.485Z","avatar_url":"https://github.com/havard.png","language":"JavaScript","funding_links":[],"categories":["JavaScript","others"],"sub_categories":[],"readme":"# OpenID for Node.js\n\nOpenID for Node.js is (yes, you guessed it) an OpenID implementation for Node.js. \n\nHighlights and features include:\n\n- Full OpenID 1.0/1.1/2.0 compliant Relying Party (client) implementation\n- Very simple API\n- Simple extension points for association state\n\n## Download\n\nThe library can be [reviewed and retrieved from GitHub](http://github.com/havard/node-openid).\n\n## Installation\n\nIf you use [`npm`](http://npmjs.org), simply do `npm install openid`.\n\nOtherwise, you can grab the code from [GitHub](https://github.com/havard/node-openid).\n\n## Examples\n\nHere's a very simple server using OpenID for Node.js for authentication:\n\n```javascript\nvar openid = require('openid');\nvar url = require('url');\nvar querystring = require('querystring');\nvar relyingParty = new openid.RelyingParty(\n    'http://example.com/verify', // Verification URL (yours)\n    null, // Realm (optional, specifies realm for OpenID authentication)\n    false, // Use stateless verification\n    false, // Strict mode\n    []); // List of extensions to enable and include\n\n\nvar server = require('http').createServer(\n    function(req, res)\n    {\n        var parsedUrl = url.parse(req.url);\n        if(parsedUrl.pathname == '/authenticate')\n        { \n          // User supplied identifier\n          var query = querystring.parse(parsedUrl.query);\n          var identifier = query.openid_identifier;\n\n          // Resolve identifier, associate, and build authentication URL\n          relyingParty.authenticate(identifier, false, function(error, authUrl)\n              {\n                if (error)\n                {\n                  res.writeHead(200);\n                  res.end('Authentication failed: ' + error.message);\n                }\n                else if (!authUrl)\n                {\n                  res.writeHead(200);\n                  res.end('Authentication failed');\n                }\n                else\n                {\n                  res.writeHead(302, { Location: authUrl });\n                  res.end();\n                }\n              });\n        }\n        else if(parsedUrl.pathname == '/verify')\n        {\n            // Verify identity assertion\n            // NOTE: Passing just the URL is also possible\n            relyingParty.verifyAssertion(req, function(error, result)\n            {\n              res.writeHead(200);\n              res.end(!error \u0026\u0026 result.authenticated \n                  ? 'Success :)'\n                  : 'Failure :(');\n            });\n        }\n        else\n        {\n            // Deliver an OpenID form on all other URLs\n            res.writeHead(200);\n            res.end('\u003c!DOCTYPE html\u003e\u003chtml\u003e\u003cbody\u003e'\n                + '\u003cform method=\"get\" action=\"/authenticate\"\u003e'\n                + '\u003cp\u003eLogin using OpenID\u003c/p\u003e'\n                + '\u003cinput name=\"openid_identifier\" /\u003e'\n                + '\u003cinput type=\"submit\" value=\"Login\" /\u003e'\n                + '\u003c/form\u003e\u003c/body\u003e\u003c/html\u003e');\n        }\n    });\nserver.listen(80);\n```\n\nA more elaborate example including extensions can be found in `sample.js` in the GitHub repository.\n\n## Supported Extensions\nThis library comes with built-in support for the following OpenID extensions:\n\n - The Simple Registration (SREG) 1.1 extension is implemented as `openid.SimpleRegistration`.\n - The Attribute Exchange (AX) 1.0 extension is implemented as `openid.AttributeExchange`.\n - The OAuth 1.0 extension is implemented as `openid.OAuthHybrid`.\n - The User Interface 1.0 extension is implemented as `openid.UserInterface`.\n - The Provider Authentication Policy Extension 1.0 (PAPE) is implemented as `openid.pape`.\n\n## Storing association state\n\nTo provide a way to save/load association state, you need to mix-in two functions in\nthe `openid` module:\n\n - `saveAssociation(provider, type, handle, secret, expiry_time_in_seconds, callback)` is called when a new association is established during authentication. The callback should be called with any error as its first argument (or `null` if no error occured).\n - `loadAssociation(handle, callback)` is used to retrieve the association identified by `handle` when verification happens. The callback should be called with any error as its first argument (and `null` as the second argument), or an object with the keys `provider`, `type`, `secret` if the association was loaded successfully.\n\nThe `openid` module includes default implementations for these functions using a simple object to store the associations in-memory.\n\n## Caching discovered information\n\nThe verification of a positive assertion (i.e. an authenticated user) can be sped up significantly by avoiding the need for additional provider discoveries when possible. In order to achieve, this speed-up, node-openid needs to cache its discovered providers. You can mix-in two functions to override the default cache, which is an in-memory cache utilizing a simple object store:\n  \n  - `saveDiscoveredInformation(key, provider, callback)` is used when saving a discovered provider.  The following behavior is required:\n    - The `key` parameter should be uses as a key for storing the provider - it will be used as the lookup key when loading the provider. (Currently, the key is either a claimed identifier or an OP-local identifier, depending on the OpenID context.)\n    - When saving fails for some reason, `callback(error)` is called with `error` being an error object specifying what failed.\n    - When saving succeeds, `callback(null)` is called.\n\n  - `loadDiscoveredInformation(key, callback)` is used to load any previously discovered information about the provider for an identifier. The following behavior is required:    \n      - When no provider is found for the identifier, `callback(null, null)` is called (i.e. it is not an error to not have any data to return).\n      - When loading fails for some reason, `callback(error, null)` is called with `error` being an error string specifying why loading failed.\n      - When loading succeeds, `callback(null, provider)` is called with the exact provider object that was previously stored using `saveDiscoveredInformation`.\n\n## Proxy Support\n`node-openid` makes HTTP and HTTPS requests during authentication. You can have these\nrequests go through a proxy server, by using the following environment variables:\n\n - HTTP_PROXY_HOST and HTTP_PROXY_PORT control how http:// requests are sent\n - HTTPS_PROXY_HOST and HTTPS_PROXY_PORT control how https:// requests are sent\n\n## License\n\nOpenID for Node.js is licensed under the MIT license. See LICENSE for further details.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhavard%2Fnode-openid","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhavard%2Fnode-openid","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhavard%2Fnode-openid/lists"}