for communicating with OAuth 2.0
and OpenID Connect providers
following the best practice
RFC 8252 - OAuth 2.0 for Native Apps.
The library is designed for use in
Node.js CLI applications,
Chrome Apps and applications that use
Electron or similar frameworks.
It strives to directly map the requests and responses of those specifications, while following the idiomatic style of the implementation language.
The library also supports the PKCE extension to OAuth which was created to secure authorization codes in public clients when custom URI scheme redirects are used. The library is friendly to other extensions (standard or otherwise) with the ability to handle additional parameters in all protocol requests and responses.
An example application using the library is included in the
src/node_app folder and at https://github.com/googlesamples/appauth-js-electron-sample.
AppAuth supports manual interaction with the Authorization Server where you need to perform your own token exchanges. This example performs a manual exchange.
Fetch Service Configuration
Make Authorization Requests
this.notifier = new AuthorizationNotifier;// uses a redirect flowthis.authorizationHandler = new RedirectRequestHandler;// set notifier to deliver responsesthis.authorizationHandler.setAuthorizationNotifierthis.notifier;// set a listener to listen for authorization responsesthis.notifier.setAuthorizationListener;// create a request;// make the authorization requestthis.authorizationHandler.performAuthorizationRequestthis.configuration, request;
Making Token Requests
this.tokenHandler = new BaseTokenRequestHandler;;if this.codeelse if this.tokenResponsethis.tokenHandler.performTokenRequestthis.configuration, request.then;
This client has been written with TypeScript.
nvm installto install the recommended Node.js version.
Download the latest version of Visual Studio Code from here.
This app uses
npm to provision it dependencies.
AppAuthJSlibrary and go to the root folder of the project containing
npm installto install all the dev and project dependencies.
Thats it! You are now ready to start working on
The project uses
npm scripts to automate development workflows.
These scripts are made available via the
The following scripts are included:
npm run-script compileor
tscwill compile all your TypeScript files. All compiled files go into the
npm run-script watchor
tsc --watchwill compile your TypeScript files in
watchmode. Recommended if you want to get continuous feedback.
npm run-script build-appgenerates the output
bundle.jsfile in the
built/directory. This includes the full
AppAuthJSlibrary including all its dependencies.
npm testprovisions the
Karmatest runner to run all unit tests. All tests are written using Jasmine. To DEBUG your tests, click on the
Debugbutton in the Karma test runner to look at the actual source of the tests. You can attach break points here.
npm run-script appbuilds the test app on a local web server. This is an end-to-end app which uses AppAuthJS and is a demonstration on how to use the library.
npm run-script node-appbuilds a Node.js CLI sample app. This is an end-to-end app which uses AppAuthJS in a Node.js context.