{"id":13801391,"url":"https://github.com/nulab/scala-oauth2-provider","last_synced_at":"2025-04-12T18:50:03.049Z","repository":{"id":10660823,"uuid":"12893339","full_name":"nulab/scala-oauth2-provider","owner":"nulab","description":"OAuth 2.0 server-side implementation written in Scala","archived":false,"fork":false,"pushed_at":"2023-12-04T15:31:56.000Z","size":347,"stargazers_count":537,"open_issues_count":4,"forks_count":97,"subscribers_count":71,"default_branch":"main","last_synced_at":"2025-04-03T21:13:26.981Z","etag":null,"topics":["oauth2-server","scala"],"latest_commit_sha":null,"homepage":"","language":"Scala","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nulab.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2013-09-17T11:19:40.000Z","updated_at":"2024-10-28T16:35:40.000Z","dependencies_parsed_at":"2024-01-05T21:57:24.359Z","dependency_job_id":null,"html_url":"https://github.com/nulab/scala-oauth2-provider","commit_stats":null,"previous_names":[],"tags_count":42,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nulab%2Fscala-oauth2-provider","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nulab%2Fscala-oauth2-provider/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nulab%2Fscala-oauth2-provider/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nulab%2Fscala-oauth2-provider/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nulab","download_url":"https://codeload.github.com/nulab/scala-oauth2-provider/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248618219,"owners_count":21134199,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["oauth2-server","scala"],"created_at":"2024-08-04T00:01:22.331Z","updated_at":"2025-04-12T18:50:02.989Z","avatar_url":"https://github.com/nulab.png","language":"Scala","funding_links":[],"categories":["Scala","Table of Contents","Authentication"],"sub_categories":["Authentication"],"readme":"# oauth2-server for Scala [![CI](https://github.com/nulab/scala-oauth2-provider/actions/workflows/ci.yml/badge.svg)](https://github.com/nulab/scala-oauth2-provider/actions/workflows/ci.yml)\n\n[The OAuth 2.0](http://tools.ietf.org/html/rfc6749) server-side implementation written in Scala.\n\nThis provides OAuth 2.0 server-side functionality and supporting function for [Play Framework](http://www.playframework.com/) and [Akka HTTP](http://akka.io/).\n\nThe idea of this library originally comes from [oauth2-server](https://github.com/yoichiro/oauth2-server) which is Java implementation of OAuth 2.0.\n\n## Supported OAuth features\n\nThis library supports all grant types.\n\n- Authorization Code Grant (PKCE Authorization Code Grants are supported)\n- Resource Owner Password Credentials Grant\n- Client Credentials Grant\n- Implicit Grant\n\nand an access token type called [Bearer](http://tools.ietf.org/html/rfc6750).\n\n## Setup\n\n### Play Framework\n\nSee [the project](https://github.com/nulab/play2-oauth2-provider)\n\n### Akka HTTP\n\nSee [the project](https://github.com/nulab/akka-http-oauth2-provider)\n\n### Other frameworks\n\nAdd `scala-oauth2-core` library dependencies of your project.\nIn this case, you need to implement your own OAuth provider working with web framework you use.\n\n```scala\nlibraryDependencies ++= Seq(\n  \"com.nulab-inc\" %% \"scala-oauth2-core\" % \"1.6.0\"\n)\n```\n\n## How to use\n\n### Implement DataHandler\n\nWhether you use Play Framework or not, you have to implement `DataHandler` trait and make it work with your own `User` class that may be already defined in your application.\n\n```scala\ncase class User(id: Long, name: String, hashedPassword: String)\n\nclass MyDataHandler extends DataHandler[User] {\n\n  def validateClient(maybeClientCredential: Option[ClientCredential], request: AuthorizationRequest): Future[Boolean] = ???\n\n  def findUser(maybeClientCredential: Option[ClientCredential], request: AuthorizationRequest): Future[Option[User]] = ???\n\n  def createAccessToken(authInfo: AuthInfo[User]): Future[AccessToken] = ???\n\n  def getStoredAccessToken(authInfo: AuthInfo[User]): Future[Option[AccessToken]] = ???\n\n  def refreshAccessToken(authInfo: AuthInfo[User], refreshToken: String): Future[AccessToken] = ???\n\n  def findAuthInfoByCode(code: String): Future[Option[AuthInfo[User]]] = ???\n\n  def findAuthInfoByRefreshToken(refreshToken: String): Future[Option[AuthInfo[User]]] = ???\n\n  def deleteAuthCode(code: String): Future[Unit] = ???\n\n  def findAccessToken(token: String): Future[Option[AccessToken]] = ???\n\n  def findAuthInfoByAccessToken(accessToken: AccessToken): Future[Option[AuthInfo[User]]] = ???\n\n}\n```\n\nIf your data access is blocking for the data storage, then you just wrap your implementation in the `DataHandler` trait with `Future.successful(...)`.\n\nFor more details, refer to Scaladoc of `DataHandler`.\n\n### AuthInfo\n\n`DataHandler` returns `AuthInfo` as authorized information.\n`AuthInfo` is made up of the following fields.\n\n```scala\ncase class AuthInfo[User](\n  user: User,\n  clientId: Option[String],\n  scope: Option[String],\n  redirectUri: Option[String],\n  codeChallenge: Option[String] = None,\n  codeChallengeMethod: Option[CodeChallengeMethod] = None\n)\n```\n\n- user\n  - `user` is authorized by DataHandler\n- clientId\n  - `clientId` which is sent from a client has been verified by `DataHandler`\n  - If your application requires client_id for client authentication, you can get `clientId` as below\n    - `val clientId = authInfo.clientId.getOrElse(throw new InvalidClient())`\n- scope\n  - inform the client of the scope of the access token issued\n- redirectUri\n  - This value must be enabled on authorization code grant\n- codeChallenge:\n  - This value is OPTIONAL. Only set this value if doing a PKCE authorization request. When set, PKCE rules apply on the AuthorizationCode Grant Handler\n  - This value is from a PKCE authorization request. This is the challenge supplied during the auth request if given.\n- codeChallengeMethod:\n  - This value is OPTIONAL and used only by PKCE when a codeChallenge value is also set.\n  - This value is from a PKCE authorization request. This is the method used to transform the code verifier. Must be either Plain or S256. If not specified and codeChallenge is provided then Plain is assumed (per RFC7636)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnulab%2Fscala-oauth2-provider","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnulab%2Fscala-oauth2-provider","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnulab%2Fscala-oauth2-provider/lists"}