{"id":20261891,"url":"https://github.com/nodesolidserver/oidc-rs","last_synced_at":"2025-04-11T01:51:08.764Z","repository":{"id":40753538,"uuid":"134878528","full_name":"nodeSolidServer/oidc-rs","owner":"nodeSolidServer","description":"OpenID Connect Resource Server Authentication for Node.js","archived":false,"fork":false,"pushed_at":"2022-12-22T16:57:48.000Z","size":322,"stargazers_count":4,"open_issues_count":3,"forks_count":1,"subscribers_count":9,"default_branch":"main","last_synced_at":"2025-03-18T03:53:21.227Z","etag":null,"topics":["running-code"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nodeSolidServer.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-05-25T16:09:20.000Z","updated_at":"2023-01-10T11:19:24.000Z","dependencies_parsed_at":"2023-01-30T14:15:37.846Z","dependency_job_id":null,"html_url":"https://github.com/nodeSolidServer/oidc-rs","commit_stats":null,"previous_names":["solid/oidc-rs"],"tags_count":22,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nodeSolidServer%2Foidc-rs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nodeSolidServer%2Foidc-rs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nodeSolidServer%2Foidc-rs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nodeSolidServer%2Foidc-rs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nodeSolidServer","download_url":"https://codeload.github.com/nodeSolidServer/oidc-rs/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248328104,"owners_count":21085258,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["running-code"],"created_at":"2024-11-14T11:27:32.121Z","updated_at":"2025-04-11T01:51:08.746Z","avatar_url":"https://github.com/nodeSolidServer.png","language":"JavaScript","readme":"# OpenID Connect Resource Server Authentication\n\nOpenID Connect Resource Server Authentication for Node.js\n\n## Features\n\n* [x] OAuth 2.0 Bearer Token Usage (RFC 6750)\n* [x] JWT Access Token Validation (Specification pending)\n* [x] Issuer discovery (OpenID Connect Discovery)\n* [x] Dynamic key rotation (OpenID Connect Core)\n* [x] Multiple issuer support\n* [x] Scope validation\n* [x] Allow and deny access by \"iss\", \"aud\", and \"sub\" claims\n\n## Usage\n\n### Install\n\n```bash\n$ npm install @solid/oidc-rs\n```\n\n### Require\n\n```\nconst ResourceServer = require('@solid/oidc-rs')\n```\n\n### ResourceServer\n\nResourceServer maintains a cache of provider metadata and JSON Web Keys for verifying signatures. Provider discovery and acquisition of keys takes place when a JWT access token is decoded. The provider metadata and JWK Set are cached in memory. Therefore no configuration is required.\n\n```\nconst rs = new ResourceServer()\n```\n\nThe provider cache can be serialized and persisted, then restored like so:\n\n```\nconst providers = require('./providers.json')\nResourceServer.from({providers}).then(rs =\u003e /* ... */)\n```\n\n#### Global server authentication\n\n```javascript\nconst app = express()\napp.use(rs.authenticate(options))\n```\n\n#### Route specific configuration\n\n```javascript\napp.get('/endpoint', rs.authenticate(options), (req, res, next) =\u003e {})\n```\n\n### Middleware Options\n\nNo configuration is _required_ in order to start using this middleware. All options are optional.\n\n```javascript\nrs.authenticate({\n  realm: 'user',\n  scopes: ['foo', 'bar'],\n  allow: {\n    issuers: ['https://forge.anvil.io'],\n    audience: ['clientid1', 'clientid2'],\n    subjects: ['userid1', 'userid2', 'useridn']\n  },\n  deny: { // probably want to use either allow or deny, but not both\n    issuers: ['https://forge.anvil.io'],\n    audience: ['clientid1', 'clientid2'],\n    subjects: ['userid1', 'userid2', 'useridn']\n  },\n  handleErrors: false, // defaults to true\n  tokenProperty: 'token',\n  claimsProperty: 'claims'\n})\n```\n\n* `realm` – Value of \"realm\" parameter to use in WWW-Authenticate challenge header.\n* `scopes` – Array of scope values required to access this resource.\n* `allow` – Object with arrays of allowed issuers, audience and subjects.\n* `deny` – Object with arrays of restricted issuers, audience and subjects.\n* `handleErrors` – When set to false, error conditions will result in a call to `next()`, passing control to the application's error handling.\n* `tokenProperty` – Name of property on `req` to assign decoded JWT object. The property will not be set unless defined.\n* `claimsProperty` – name of property on `req` to assign verified JWT claims. Defaults to \"claims\".\n\n## Running tests\n\n### Nodejs\n\n```bash\n$ npm test\n```\n\n## MIT License\n\n[The MIT License](LICENSE.md)\n\nCopyright (c) 2016 Anvil Research, Inc.\nCopyright (c) 2017-2019 The Solid Project\n\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnodesolidserver%2Foidc-rs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnodesolidserver%2Foidc-rs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnodesolidserver%2Foidc-rs/lists"}