npm
Sign UpSign In

oauth-state-adapter
TypeScript icon, indicating that this package has built-in type declarations

0.0.3 • Public • Published

Oauth state adapter

Create and share OAUTH state (authorization code, authorization code with PKCE and implicit grants) between workers.

Issues are welcome event for grammar and vocabulary mistakes

Why?

You have many workers running on the same port and all integrating Oauth v2 based authentication.

Let's see the authorization code flow as example. A request to get a code is sent to the oauth server with a state that we generate (should be unique for each request). When the Oauth server send back a response with the code, the probability for the same worker which send the request to handle the response (redirection) is almost zero.

We need a way to share states between workers so whatever the worker which catch the redirection, It'll able to validate the state and get the token.

Installation

Run the following command to install the package

npm install oauth-state-adapter

Available methods

setupOauthStateMaster

This function is mandatory to setup the oauth states management on the primary process. It doesn't have any parameter.

Function import

import { setupOauthStateMaster } from "oauth-state-adapter";

Function prototype

function setupOauthStateMaster(): void

setupOauthStateInstance

This function is mandatory to setup the oauth states management on the worker. It doesn't have any parameter.

Function import

import { setupOauthStateInstance } from "oauth-state-adapter";

Function prototype

function setupOauthStateInstance(): void

addState

This function can be anywhere in a worker to share a state between all workers.

Function import

import { addState } from "oauth-state-adapter";

Function prototype

function addState(state: string): void

removeState

This function can be anywhere in a worker to remove a state in all workers.

Function import

import { removeState } from "oauth-state-adapter";

Function prototype

function removeState(state: string): void

getStates

This function can be use anywhere in the app, both in primary process and workers. It return the list of states list.

Function import

import { getStates } from "oauth-state-adapter";

Function prototype

function getStates(): string[]

Full example

This example illustrate how states are shared arround workers.

import cluster, { Worker } from "cluster";
import { cpus } from "os";
import {
  addState,
  getStates,
  removeState,
  setupOauthStateInstance,
  setupOauthStateMaster,
} from "oauth-state-adapter";

const totalCPUs = cpus().length;

if (cluster.isPrimary) {
  console.log(`Number of CPUs is ${totalCPUs}`);
  console.log(`Master ${process.pid} is running`);

  /**
   * Setup oauth state on primary worker
   */
  setupOauthStateMaster();

  // Fork workers.
  for (let i = 0; i < totalCPUs; i++) {
    cluster.fork();
  }

  cluster.on("exit", (worker: Worker, code: any, signal: any) => {
    console.log(`worker ${worker.process.pid} died`);
    console.log("Let's fork another worker!");
    cluster.fork();
  });
} else {
  /**
   * Setup oauth state on worker
   */
  setupOauthStateInstance();

  const state = `worker:${process.pid}`;

  /**
   * Add a state that will be share with all workers
   */
  addState(state);

  /**
   * Remove the local state automatically after a random delay (0 - 50 seconds)
   */
  setTimeout(() => {
    console.log(`states before deletion ${process.pid}`, getStates());
    /**
     * Remove state in all workers
     */
    removeState(state);
  }, Math.round(Math.random() * 50 * 1000));
}

Readme

Keywords

Package Sidebar

Install

npm i oauth-state-adapter

Repository

github.com/noreajs/oauth-state-adapter

Homepage

github.com/noreajs/oauth-state-adapter#readme

Weekly Downloads

3

Version

0.0.3

License

MIT

Unpacked Size

30.9 kB

Total Files

13

Last publish

Collaborators

  • lambou
Try on RunKit
Report malware