egg-oauth2-server
Chinese Example | Chinese-language example tutorial (note: the article uses v1.x of this plugin; some API names have changed, but the main flow is the same)
egg-oauth2-server is a module that easily adds oauth2 capability to egg-based servers.
- egg 2.x: use egg-oauth2-server latest (Node >= 8.0.0)
- egg 1.x: use egg-oauth2-server 2.0.x (Node >= 6.0.0)
Install
$ npm i egg-oauth2-server --save
Usage
// {app_root}/config/plugin.js
exports.oAuth2Server = {
  enable: true,
  package: 'egg-oauth2-server',
};
// {app_root}/app/router.js
app.all('/user/token', app.oAuth2Server.token());
app.get('/user/authorize', app.oAuth2Server.authorize(), 'user.code');
app.get('/user/authenticate', app.oAuth2Server.authenticate(), 'user.authenticate');
// `ctx.state.oauth` has token or code data after middleware for controller.
// {app_root}/config/config.default.js
module.exports = config => {
  const exports = {};
  exports.oAuth2Server = {
    debug: config.env === 'local',
    grants: [ 'password' ],
  };
  return exports;
};
See test/fixtures/apps/oauth2-server-test/config/config.unittest.js for reference.
// {app_root}/app/extend/oauth.js
// or {app_root}/app/extend/oauth.ts
'use strict';
// You need to implement the following functions.
module.exports = app => {
  class Model {
    constructor(ctx) {}
    async getClient(clientId, clientSecret) {}
    async getUser(username, password) {}
    async saveAuthorizationCode(code, client, user) {}
    async getAuthorizationCode(authorizationCode) {}
    async revokeAuthorizationCode(code) {}
    async saveToken(token, client, user) {}
    async getAccessToken(bearerToken) {}
    async revokeToken(token) {}
  }
  return Model;
};
For full description, check out https://www.npmjs.com/package/oauth2-server.
Examples
A simple password-mode OAuth 2.0 server. Full code at test/fixtures/apps/oauth2-server-test/app/extend/oauth.js
password mode app.oauth.token() lifecycle
getClient --> getUser --> saveToken
password mode app.oauth.authenticate() lifecycle
Only getAccessToken
authorization_code mode app.oauth.authorize() lifecycle
getClient --> getUser --> saveAuthorizationCode
authorization_code mode app.oauth.token() lifecycle
getClient --> getAuthorizationCode --> revokeAuthorizationCode --> saveToken
authorization_code mode app.oauth.authenticate() lifecycle
Only getAccessToken
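A password-mode Model filling in the four functions that the token() and authenticate() lifecycles call, as an added example (not the project's own code). The class name PasswordGrantModel, the in-memory maps CLIENTS, USERS and TOKENS, the helper names and the sample credentials are constructed assumptions; in an egg app the class would be returned from app/extend/oauth.js and backed by a database.

```javascript
'use strict';
const crypto = require('node:crypto');

const sha256 = s => crypto.createHash('sha256').update(s).digest('hex');
const hashPassword = (password, salt) => crypto.scryptSync(password, salt, 32);
// timingSafeEqual throws on unequal lengths, so check length first.
const safeEqual = (a, b) => a.length === b.length && crypto.timingSafeEqual(a, b);

// Constructed sample data (assumption): stands in for the application's database.
const SALT = Buffer.from('constructed-salt');
const CLIENTS = new Map([[ 'demo-client',
  { id: 'demo-client', secretHash: sha256('demo-secret'), grants: [ 'password' ] } ]]);
const USERS = new Map([[ 'alice',
  { id: 1, username: 'alice', salt: SALT, hash: hashPassword('correct horse', SALT) } ]]);
const TOKENS = new Map(); // sha256(accessToken) -> stored record

class PasswordGrantModel {
  constructor(ctx) { this.ctx = ctx; }

  // token() step 1: return the client only if id and secret both match.
  async getClient(clientId, clientSecret) {
    const c = CLIENTS.get(clientId);
    if (!c || typeof clientSecret !== 'string') return null;
    const ok = safeEqual(Buffer.from(sha256(clientSecret)), Buffer.from(c.secretHash));
    return ok ? { id: c.id, grants: c.grants } : null;
  }

  // token() step 2: verify the password against the stored scrypt hash.
  async getUser(username, password) {
    const u = USERS.get(username);
    // Hash even for unknown users so response time does not reveal which names exist.
    const candidate = hashPassword(String(password), u ? u.salt : SALT);
    return u && safeEqual(candidate, u.hash) ? { id: u.id, username: u.username } : null;
  }

  // token() step 3: persist only a hash of the bearer token, never the token itself.
  async saveToken(token, client, user) {
    TOKENS.set(sha256(token.accessToken),
      { accessTokenExpiresAt: token.accessTokenExpiresAt, client, user });
    return { ...token, client, user };
  }

  // authenticate(): look the presented bearer token up by its hash.
  async getAccessToken(bearerToken) {
    const rec = TOKENS.get(sha256(bearerToken));
    return rec ? { accessToken: bearerToken, ...rec } : null;
  }
}
```

Returning a falsy value from getClient, getUser or getAccessToken is how the model signals a failed lookup to oauth2-server.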
Questions & Suggestions
Please open an issue. PRs are welcomed too.