1 Star 0 Fork 0

codingchengdu/egg-oauth2-server

加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
克隆/下载
贡献代码
同步代码
取消
提示: 由于 Git 不支持空文件夾,创建文件夹后会生成空的 .keep 文件
Loading...
README
MIT

egg-oauth2-server

NPM version build status Test coverage David deps Known Vulnerabilities npm download

Chinese Example | 中文样例教程(注意:文章里使用的是该插件 v1.x 版本,部分 API 名称有变化,主要流程一致)

egg-oauth2-server is a module that easily adds oauth2 capability to egg-based servers.

  • egg 2.x use egg-oauth2-server latest (Node >= 8.0.0)
  • egg 1.x use egg-oauth2-server 2.0.x (Node >= 6.0.0)

Install

$ npm i egg-oauth2-server --save

Usage

// {app_root}/config/plugin.js
exports.oAuth2Server = {
  enable: true,
  package: 'egg-oauth2-server',
};

// {app_root}/app/router.js
app.all('/user/token', app.oAuth2Server.token());
app.get('/user/authorize', app.oAuth2Server.authorize(), 'user.code');
app.get('/user/authenticate', app.oAuth2Server.authenticate(), 'user.authenticate');

// `ctx.state.oauth` has token or code data after middleware for controller.
// {app_root}/config/config.default.js
module.exports = config => {
  const exports = {};
  exports.oAuth2Server = {
    debug: config.env === 'local',
    grants: [ 'password' ],
  };
  return exports;
};

See test/fixtures/apps/oauth2-server-test/config/config.unittest.js for reference.

// {app_root}/app/extend/oauth.js
// or {app_root}/app/extend/oauth.ts
'use strict';

// need implement some follow functions
module.exports = app => {  
  class Model {
    constructor(ctx) {}
    async getClient(clientId, clientSecret) {}
    async getUser(username, password) {}
    async saveAuthorizationCode(code, client, user) {}
    async getAuthorizationCode(authorizationCode) {}
    async revokeAuthorizationCode(code) {}
    async saveToken(token, client, user) {}
    async getAccessToken(bearerToken) {}
    async revokeToken(token) {}
  }  
  return Model;
};

For full description, check out https://www.npmjs.com/package/oauth2-server.

Examples

A simple password-mode OAuth 2.0 server. Full code at test/fixtures/apps/oauth2-server-test/app/extend/oauth.js

password mode app.oauth.token() lifecycle

getClient --> getUser --> saveToken

password mode app.oauth.authenticate() lifecycle

Only getAccessToken

authorization_code mode app.oauth.authorize() lifecycle

getClient --> getUser --> saveAuthorizationCode

authorization_code mode app.oauth.token() lifecycle

getClient --> getAuthorizationCode --> revokeAuthorizationCode --> saveToken

authorization_code mode app.oauth.authenticate() lifecycle

Only getAccessToken

Questions & Suggestions

Please open an issue. PRs are welcomed too.

License

MIT

The MIT License (MIT) Copyright 2017 Azard All rights reserved. Copyright (c) 2017 Alibaba Group Holding Limited and other contributors. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

简介

暂无描述 展开 收起
README
MIT
取消

发行版

暂无发行版

贡献者

全部

近期动态

不能加载更多了
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
1
https://gitee.com/codingchengdu/egg-oauth2-server.git
git@gitee.com:codingchengdu/egg-oauth2-server.git
codingchengdu
egg-oauth2-server
egg-oauth2-server
master

搜索帮助