{"id":13528316,"url":"https://github.com/openid/AppAuth-JS","last_synced_at":"2025-04-01T11:31:17.118Z","repository":{"id":20149407,"uuid":"87066320","full_name":"openid/AppAuth-JS","owner":"openid","description":"JavaScript client SDK for communicating with OAuth 2.0 and OpenID Connect providers.","archived":false,"fork":false,"pushed_at":"2024-04-22T03:03:12.000Z","size":1257,"stargazers_count":969,"open_issues_count":40,"forks_count":161,"subscribers_count":37,"default_branch":"master","last_synced_at":"2024-05-01T21:20:27.476Z","etag":null,"topics":["oauth2","openid-connect","web"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/openid.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-04-03T11:22:40.000Z","updated_at":"2024-06-03T23:33:30.857Z","dependencies_parsed_at":"2024-04-15T21:35:04.005Z","dependency_job_id":"05267a5d-e003-4cf6-a473-a0ec1c299831","html_url":"https://github.com/openid/AppAuth-JS","commit_stats":{"total_commits":81,"total_committers":12,"mean_commits":6.75,"dds":0.5925925925925926,"last_synced_commit":"39a21adacf2184629f326e36372ccf1990267e7e"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openid%2FAppAuth-JS","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openid%2FAppAuth-JS/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openid%2FAppAuth-JS/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openid%2FAppAuth-JS/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/openid","download_url":"https://codeload.github.com/openid/AppAuth-JS/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246631865,"owners_count":20808774,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["oauth2","openid-connect","web"],"created_at":"2024-08-01T06:02:25.349Z","updated_at":"2025-04-01T11:31:16.480Z","avatar_url":"https://github.com/openid.png","language":"TypeScript","readme":"![AppAuth for JS](assets/logo.png)\n\nAppAuth for JavaScript is a client SDK for [public clients](https://tools.ietf.org/html/rfc6749#section-2.1)\nfor communicating with [OAuth 2.0](https://tools.ietf.org/html/rfc6749)\nand [OpenID Connect](http://openid.net/specs/openid-connect-core-1_0.html) providers\nfollowing the best practice\n[RFC 8252 - OAuth 2.0 for Native Apps](https://tools.ietf.org/html/rfc8252).\nThe library is designed for use in `Web Apps`, `Node.js` CLI applications,\n`Chrome Apps` and applications that use `Electron` or similar frameworks.\n\nIt strives to directly map the requests and responses of those specifications,\nwhile following the idiomatic style of the implementation language.\n\nThe library also supports the [PKCE](https://tools.ietf.org/html/rfc7636)\nextension to OAuth which was created to secure authorization codes in public\nclients when custom URI scheme redirects are used. The library is friendly to\nother extensions (standard or otherwise) with the ability to handle additional\nparameters in all protocol requests and responses.\n\n### Examples\n\n\nAn example application using the library is included in the `src/node_app` folder and at https://github.com/googlesamples/appauth-js-electron-sample.\n\n\n#### Auth Flow\nAppAuth supports manual interaction with the Authorization Server where you need to perform\nyour own token exchanges. This example performs a manual exchange.\n\n##### Fetch Service Configuration\n\n```typescript\nAuthorizationServiceConfiguration.fetchFromIssuer(openIdConnectUrl)\n  .then(response =\u003e {\n    log('Fetched service configuration', response);\n    this.configuration = response;\n    this.showMessage('Completed fetching configuration');\n  })\n  .catch(error =\u003e {\n    log('Something bad happened', error);\n    this.showMessage(`Something bad happened ${error}`)\n  });\n```\n\n##### Make Authorization Requests\n\n```typescript\nthis.notifier = new AuthorizationNotifier();\n// uses a redirect flow\nthis.authorizationHandler = new RedirectRequestHandler();\n// set notifier to deliver responses\nthis.authorizationHandler.setAuthorizationNotifier(this.notifier);\n// set a listener to listen for authorization responses\nthis.notifier.setAuthorizationListener((request, response, error) =\u003e {\n  log('Authorization request complete ', request, response, error);\n  if (response) {\n    this.code = response.code;\n    this.showMessage(`Authorization Code ${response.code}`);\n  }\n});\n\n// create a request\nlet request = new AuthorizationRequest({\n    client_id: clientId,\n    redirect_uri: redirectUri,\n    scope: scope,\n    response_type: AuthorizationRequest.RESPONSE_TYPE_CODE,\n    state: undefined,\n    extras: {'prompt': 'consent', 'access_type': 'offline'}\n  });\n\n// make the authorization request\nthis.authorizationHandler.performAuthorizationRequest(this.configuration, request);\n```\n\n##### Making Token Requests\n\n```typescript\nthis.tokenHandler = new BaseTokenRequestHandler();\n\nlet request: TokenRequest|null = null;\n\nif (this.code) {\n  let extras: StringMap|undefined = undefined;\n  if (this.request \u0026\u0026 this.request.internal) {\n    extras = {};\n    extras['code_verifier'] = this.request.internal['code_verifier'];\n  }\n  // use the code to make the token request.\n  request = new TokenRequest({\n      client_id: clientId,\n      redirect_uri: redirectUri,\n      grant_type: GRANT_TYPE_AUTHORIZATION_CODE,\n      code: this.code,\n      refresh_token: undefined,\n      extras: extras\n    });\n} else if (this.tokenResponse) {\n  // use the token response to make a request for an access token\n  request = new TokenRequest({\n      client_id: clientId,\n      redirect_uri: redirectUri,\n      grant_type: GRANT_TYPE_REFRESH_TOKEN,\n      code: undefined,\n      refresh_token: this.tokenResponse.refreshToken,\n      extras: undefined\n    });\n}\n\nthis.tokenHandler.performTokenRequest(this.configuration, request)\n  .then(response =\u003e {\n    // ... do something with token response\n  });\n```\n\n### Development\n\n#### Preamble\n\nThis client has been written with [TypeScript](https://typescriptlang.org).\n\n### Setup\n\n* Install the latest version of [Node](https://nodejs.org/en/).\n  [NVM](https://github.com/creationix/nvm)\n  (Node Version Manager is highly recommended).\n\n* Use `nvm install` to install the recommended Node.js version.\n\n* Download the latest version of Visual Studio Code from\n  [here](https://code.visualstudio.com/).\n\n#### Provision Dependencies\n\nThis app uses `npm` to provision it dependencies.\n\n* `git clone` the `AppAuthJS` library and go to the root folder of\n   the project containing `package.json` file.\n* `npm install` to install all the dev and project dependencies.\n\nThats it! You are now ready to start working on `AppAuthJS`.\n\n#### Development Workflow\n\nThe project uses `npm` scripts to automate development workflows.\nThese scripts are made available via the `package.json` file.\n\nThe following scripts are included:\n\n* `npm run-script compile` or `tsc` will compile all your TypeScript files.\n   All compiled files go into the `built/` folder.\n\n* `npm run-script watch` or `tsc --watch` will compile your TypeScript files\n   in `watch` mode. Recommended if you want to get continuous feedback.\n\n* `npm run-script build-app` generates the output `bundle.js` file in the `built/`\n   directory. This includes the full `AppAuthJS` library including all\n   its dependencies.\n\n* `npm test` provisions the `Karma` test runner to run all unit tests.\n   All tests are written using [Jasmine](http://jasmine.github.io/).\n   To _DEBUG_ your tests, click on the `Debug` button in the Karma test runner\n   to look at the actual source of the tests. You can attach break points here.\n\n* `npm run-script app` builds the test app on a local web server.\n   This is an end-to-end app which uses AppAuthJS and is a demonstration\n   on how to use the library.\n\n* `npm run-script node-app` builds a Node.js CLI sample app. This is an end-to-end app\n   which uses AppAuthJS in a Node.js context.\n\n","funding_links":[],"categories":["TypeScript","Implementations(Examples/Demos)"],"sub_categories":["Invalidating JWT"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenid%2FAppAuth-JS","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopenid%2FAppAuth-JS","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenid%2FAppAuth-JS/lists"}