Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/jaredhanson/passport-oauth2

OAuth 2.0 authentication strategy for Passport and Node.js.
https://github.com/jaredhanson/passport-oauth2

oauth2 passport

Last synced: less than a minute ago
JSON representation

OAuth 2.0 authentication strategy for Passport and Node.js.

Host: GitHub
URL: https://github.com/jaredhanson/passport-oauth2
Owner: jaredhanson
License: mit
Created: 2013-08-13T19:28:58.000Z (over 11 years ago)
Default Branch: master
Last Pushed: 2024-02-28T17:52:26.000Z (11 months ago)
Last Synced: 2025-01-14T23:42:54.963Z (7 days ago)
Topics: oauth2, passport
Language: JavaScript
Homepage: https://www.passportjs.org/packages/passport-oauth2/?utm_source=github&utm_medium=referral&utm_campaign=passport-oauth2&utm_content=about
Size: 188 KB
Stars: 608
Watchers: 17
Forks: 345
Open Issues: 94
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Funding: .github/FUNDING.yml
- License: LICENSE

Awesome Lists containing this project

README

        # passport-oauth2

General-purpose OAuth 2.0 authentication strategy for [Passport](https://www.passportjs.org/).

This module lets you authenticate using OAuth 2.0 in your Node.js applications.

By plugging into Passport, OAuth 2.0-based sign in can be easily and

unobtrusively integrated into any application or framework that supports

[Connect](https://github.com/senchalabs/connect#readme)-style middleware, including

[Express](https://expressjs.com/).

Note that this strategy provides generic OAuth 2.0 support.  In many cases, a

provider-specific strategy can be used instead, which cuts down on unnecessary

configuration, and accommodates any provider-specific quirks.  See the

[list](https://github.com/jaredhanson/passport/wiki/Strategies) for supported

providers.

Developers who need to implement authentication against an OAuth 2.0 provider

that is not already supported are encouraged to sub-class this strategy.  If you

choose to open source the new provider-specific strategy, please add it to the

list so other people can find it.



:brain: [Understanding OAuth 2.0](https://www.passportjs.org/concepts/oauth2/?utm_source=github&utm_medium=referral&utm_campaign=passport-oauth2&utm_content=nav-concept) •

:heart: [Sponsors](https://www.passportjs.org/sponsors/?utm_source=github&utm_medium=referral&utm_campaign=passport-oauth2&utm_content=nav-sponsors)



---



  ^{Advertisement}

  


  Learn OAuth 2.0 - Get started as an API Security Expert
Just imagine what could happen to YOUR professional career if you had skills in OAuth > 8500 satisfied students



---

[![npm](https://img.shields.io/npm/v/passport-oauth2.svg)](https://www.npmjs.com/package/passport-oauth2)

[![build](https://img.shields.io/travis/jaredhanson/passport-oauth2.svg)](https://travis-ci.org/jaredhanson/passport-oauth2)

[![coverage](https://img.shields.io/coveralls/jaredhanson/passport-oauth2.svg)](https://coveralls.io/github/jaredhanson/passport-oauth2)

[...](https://github.com/jaredhanson/passport-oauth2/wiki/Status)

## Install

    $ npm install passport-oauth2

## Usage

#### Configure Strategy

The OAuth 2.0 authentication strategy authenticates users using a third-party

account and OAuth 2.0 tokens.  The provider's OAuth 2.0 endpoints, as well as

the client identifer and secret, are specified as options.  The strategy

requires a `verify` callback, which receives an access token and profile,

and calls `cb` providing a user.

```js

passport.use(new OAuth2Strategy({

    authorizationURL: 'https://www.example.com/oauth2/authorize',

    tokenURL: 'https://www.example.com/oauth2/token',

    clientID: EXAMPLE_CLIENT_ID,

    clientSecret: EXAMPLE_CLIENT_SECRET,

    callbackURL: "http://localhost:3000/auth/example/callback"

  },

  function(accessToken, refreshToken, profile, cb) {

    User.findOrCreate({ exampleId: profile.id }, function (err, user) {

      return cb(err, user);

    });

  }

));

```

#### Authenticate Requests

Use `passport.authenticate()`, specifying the `'oauth2'` strategy, to

authenticate requests.

For example, as route middleware in an [Express](http://expressjs.com/)

application:

```js

app.get('/auth/example',

  passport.authenticate('oauth2'));

app.get('/auth/example/callback',

  passport.authenticate('oauth2', { failureRedirect: '/login' }),

  function(req, res) {

    // Successful authentication, redirect home.

    res.redirect('/');

  });

```

## Related Modules

- [passport-oauth1](https://github.com/jaredhanson/passport-oauth1) — OAuth 1.0 authentication strategy

- [passport-http-bearer](https://github.com/jaredhanson/passport-http-bearer) — Bearer token authentication strategy for APIs

- [OAuth2orize](https://github.com/jaredhanson/oauth2orize) — OAuth 2.0 authorization server toolkit

## Contributing

#### Tests

The test suite is located in the `test/` directory.  All new features are

expected to have corresponding test cases.  Ensure that the complete test suite

passes by executing:

```bash

$ make test

```

#### Coverage

All new feature development is expected to have test coverage.  Patches that

increse test coverage are happily accepted.  Coverage reports can be viewed by

executing:

```bash

$ make test-cov

$ make view-cov

```

## License

[The MIT License](http://opensource.org/licenses/MIT)

Copyright (c) 2011-2016 Jared Hanson <[http://jaredhanson.net/](http://jaredhanson.net/)>