Neurotic Pink Mongooses

    authier

    1.0.7 • Public • Published

    Authier

    Simple Authenticator Library

    Authier is a simple library helper to make it easier to implement and serve authentication methods using OAuth2.0.

    Index

    Features

    • No Dependencies
    • Simple to Use

    Install

    To install Authier is simple:

    with npm

    npm i authier

    Test It

    Testing it locally:

    • Clone this project into your local machine.
    • Inside the project folder auth_server_example, run npm install
    • Then just run node index.js or nodemon index.js
    • It will simple use a local file to example a Database and runs some tests
    • Edit at your will to help you understand how the lib works, but it is very simple.

    Example

    Create an extension to override or implement the required functions as showed in the example here:
    Example of Authier Extension

    Auth Flow

    Fields of Client

      /**
       * Client's identification string.
       * @type {String}
       */
      client_id;
    
      /**
       * Client's secret string.
       * @type {String}
       */
      client_secret;
    
      /**
       * Grant types granted for this client
       * @type {String}
       */
      grant_types;
    
      /**
       * Token issuer identification.
       * @type {String}
       */
      issuer;
    
      /**
       * Client option to issue or not a refresh client token - default is true
       * @type {String}
       */
      issues_refresh_token;
    
      /**
       * Client's option whether the redirect_uri is required
       * @type {Boolean}
       */
      redirect_uri_required;
    
      /**
       * Client's redirect uris string separated by spaces
       * @type {String}
       */
      redirect_uris;
    
      /**
       * Refresh Token TTL - default is 7200 seconds
       * @type {Number}
       */
      refresh_token_expires_in;
    
      /**
       * Client's custom scopes string separated by spaces
       * @type {String}
       */
      scopes;
    
      /**
       * Client's option whether the scope is required
       * @type {Boolean}
       */
      scope_required;
    
      /**
       * Client's option whether the state is required
       * @type {Boolean}
       */
      state_required;
    
      /**
       * Token TTL - default is 3600 seconds
       * @type {Number}
       */
      token_expires_in;

    Example of Functions of Auth Flow Implemented

    // --------------------------  AUTH FLOW FUNCTIONS  -----------------------------------
    
    AuthFlow.prototype.findClient = async function findClient(client_id) {
      const clients = await getClients();
      const client = clients.find((cItem) => cItem.client_id === client_id);
      if (!client) {
        throw OAuth2Lib.Errors.INVALID_CLIENT;
      }
      this.setProperties(client);
      return client;
    };
    
    // ------------------------------------------------------------------------------------
    
    AuthFlow.prototype.generateToken = async function generateToken(
      token_data,
      options = {}
    ) {
      return await signToken({
        exp: options.exp || Math.floor(Date.now() / 1000) + this.token_expires_in,
        sub: options.sub,
        iss: this.issuer || options.iss,
        scopes: token_data.scopes || "",
        redirect_uri: token_data.redirect_uri,
      });
    };
    
    // ------------------------------------------------------------------------------------
    
    AuthFlow.prototype.validateToken = async function validateToken(token) {
      try {
        return await checkToken(token);
      } catch (error) {
        throw error;
      }
    };
    
    // ------------------------------------------------------------------------------------

    Client Credentials Flow

    Fields of Code

    It inherits from Auth Flow fields

    Example of Functions of Code Flow Implemented

    There is no need to implement functions as long as you implemented Auth Flow Functions


    Code Flow

    Fields of Code

    It inherits from Auth Flow fields and adds the following:

      /**
       * Authorization Code flow code string.
       * @type {String}
       */
      code;
      
      /**
       * Authorization Code TTL - Default is 5 minutes.
       * @type {Number}
       */
      code_expires_in;

    Example of Functions of Code Flow Implemented

    It inherits from Auth Flow functions and adds the following:

    // --------------------------  AUTHORIZATION CODE FUNCTIONS  --------------------------
    
    AuthorizationCodeFlow.prototype.generateCode = async function generateToken(
      code_data,
      options = {}
    ) {
      return await signToken({
        exp: options.exp || Math.floor(Date.now() / 1000) + this.code_expires_in,
        sub: options.sub,
        iss: this.issuer || options.iss,
        scopes: code_data.scopes || "",
        redirect_uri: code_data.redirect_uri,
      });
    };
    
    // ------------------------------------------------------------------------------------
    
    AuthorizationCodeFlow.prototype.validateCode = async function validateCode(
      code
    ) {
      try {
        return await checkToken(code);
      } catch (error) {
        throw error;
      }
    };
    
    // ------------------------------------------------------------------------------------

    Password Flow

    Fields of Password

    It inherits from Auth Flow fields and adds the following:

      /**
       * Password flow user_name string.
       * @type {String}
       */
      user_name;
      
      /**
       * Password flow password string.
       * @type {String}
       */
      password;

    Example of Functions of Password Flow Implemented

    It inherits from Auth Flow functions and adds the following:

    // --------------------------  PASSWORD FUNCTIONS  ------------------------------------
    
    PasswordFlow.prototype.findResource = async function findResource(user_name) {
      const resources = await getResources();
      const resource = resources.find((rItem) => rItem.user_name === user_name);
      if (!resource) {
        throw OAuth2Lib.Errors.ACCESS_DENIED;
      }
      this.setProperties({ ...resource, grant_types: "password" });
      return resource;
    };
    
    // ------------------------------------------------------------------------------------

    Refresh Token Flow

    Example of Functions of Refresh Token Flow Implemented

    It inherits from Auth Flow functions and adds the following:

    // --------------------------  REFRESH TOKEN FUNCTIONS  -------------------------------
    
    RefreshTokenFlow.prototype.generateRefreshToken =
      async function generateRefreshToken(refresh_token_data, options = {}) {
        return await signToken({
          exp: options.exp || Math.floor(Date.now() / 1000) + this.refresh_token_expires_in,
          sub: options.sub,
          iss: this.issuer || options.iss,
          scopes: refresh_token_data.scopes || "",
          redirect_uri: refresh_token_data.redirect_uri,
        });
      };
    
    // ------------------------------------------------------------------------------------
    
    RefreshTokenFlow.prototype.validateRefreshToken =
      async function validateRefreshToken(refresh_token) {
        try {
          return await checkToken(refresh_token);
        } catch (error) {
          throw error;
        }
      };
    
    // ------------------------------------------------------------------------------------

    Example of All Methods to be Implemented

    The example of all methods that should be implemented:
    Example of Authier Extension

    Install

    npm i authier

    DownloadsWeekly Downloads

    4

    Version

    1.0.7

    License

    MIT

    Unpacked Size

    87.2 kB

    Total Files

    28

    Last publish

    Collaborators

    • arthurgermano