How to use oauth2orize - 10 common examples

To help you get started, we’ve selected a few oauth2orize examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github node-red / node-red / packages / node_modules / @node-red / editor-api / lib / auth / index.js View on Github external
var strategies = require("./strategies");
var Tokens = require("./tokens");
var Users = require("./users");
var permissions = require("./permissions");

var theme = require("../editor/theme");

var settings = null;
var log = require("@node-red/util").log; // TODO: separate module


passport.use(strategies.bearerStrategy.BearerStrategy);
passport.use(strategies.clientPasswordStrategy.ClientPasswordStrategy);
passport.use(strategies.anonymousStrategy);

var server = oauth2orize.createServer();

server.exchange(oauth2orize.exchange.password(strategies.passwordTokenExchange));

function init(_settings,storage) {
    settings = _settings;
    if (settings.adminAuth) {
        var mergedAdminAuth = Object.assign({}, settings.adminAuth, settings.adminAuth.module);
        Users.init(mergedAdminAuth);
        Tokens.init(mergedAdminAuth,storage);
    }
}
/**
 * Returns an Express middleware function that ensures the user making a request
 * has the necessary permission.
 *
 * @param {String} permission - the permission required for the request, such as `flows.write`
github cobyism / ghost-on-heroku / core / server / middleware / index.js View on Github external
setupMiddleware = function (server) {
    var logging = config.logging,
        subdir = config.paths.subdir,
        corePath = config.paths.corePath,
        oauthServer = oauth2orize.createServer();

    // silence JSHint without disabling unused check for the whole file
    authStrategies = authStrategies;

    // Cache express server instance
    expressServer = server;
    middleware.cacheServer(expressServer);
    middleware.cacheOauthServer(oauthServer);
    oauth.init(oauthServer, middleware.resetSpamCounter);

    // Make sure 'req.secure' is valid for proxied requests
    // (X-Forwarded-Proto header will be checked, if present)
    expressServer.enable('trust proxy');

    // Logging configuration
    if (logging !== false) {
github ZZROTDesign / alpine-ghost / ghost / core / server / middleware / oauth.js View on Github external
init: function init() {
        oauthServer = oauth2orize.createServer();
        // remove all expired accesstokens on startup
        models.Accesstoken.destroyAllExpired();

        // remove all expired refreshtokens on startup
        models.Refreshtoken.destroyAllExpired();

        // Exchange user id and password for access tokens.  The callback accepts the
        // `client`, which is exchanging the user's name and password from the
        // authorization request for verification. If these values are validated, the
        // application issues an access token on behalf of the user who authorized the code.
        oauthServer.exchange(oauth2orize.exchange.password({userProperty: 'client'},
            exchangePassword));

        // Exchange the refresh token to obtain an access token.  The callback accepts the
        // `client`, which is exchanging a `refreshToken` previously issued by the server
        // for verification. If these values are validated, the application issues an
github chadly / ghost / core / server / services / auth / oauth.js View on Github external
init: function init() {
        oauthServer = oauth2orize.createServer();
        // remove all expired accesstokens on startup
        models.Accesstoken.destroyAllExpired();

        // remove all expired refreshtokens on startup
        models.Refreshtoken.destroyAllExpired();

        // Exchange user id and password for access tokens.  The callback accepts the
        // `client`, which is exchanging the user's name and password from the
        // authorization request for verification. If these values are validated, the
        // application issues an access token on behalf of the user who authorized the code.
        oauthServer.exchange(oauth2orize.exchange.password({userProperty: 'client'},
            exchangePassword));

        // Exchange the refresh token to obtain an access token.  The callback accepts the
        // `client`, which is exchanging a `refreshToken` previously issued by the server
        // for verification. If these values are validated, the application issues an
github felixrieseberg / Ghost-Azure / core / server / middleware / oauth.js View on Github external
init: function init() {
        oauthServer = oauth2orize.createServer();
        // remove all expired accesstokens on startup
        models.Accesstoken.destroyAllExpired();

        // remove all expired refreshtokens on startup
        models.Refreshtoken.destroyAllExpired();

        // Exchange user id and password for access tokens.  The callback accepts the
        // `client`, which is exchanging the user's name and password from the
        // authorization request for verification. If these values are validated, the
        // application issues an access token on behalf of the user who authorized the code.
        oauthServer.exchange(oauth2orize.exchange.password({userProperty: 'client'},
            exchangePassword));

        // Exchange the refresh token to obtain an access token.  The callback accepts the
        // `client`, which is exchanging a `refreshToken` previously issued by the server
        // for verification. If these values are validated, the application issues an
github TryGhost / Ghost / core / server / services / auth / oauth.js View on Github external
init: function init() {
        oauthServer = oauth2orize.createServer();
        // remove all expired accesstokens on startup
        models.Accesstoken.destroyAllExpired();

        // remove all expired refreshtokens on startup
        models.Refreshtoken.destroyAllExpired();

        // Exchange user id and password for access tokens.  The callback accepts the
        // `client`, which is exchanging the user's name and password from the
        // authorization request for verification. If these values are validated, the
        // application issues an access token on behalf of the user who authorized the code.
        oauthServer.exchange(oauth2orize.exchange.password({userProperty: 'client'},
            exchangePassword));

        // Exchange the refresh token to obtain an access token.  The callback accepts the
        // `client`, which is exchanging a `refreshToken` previously issued by the server
        // for verification. If these values are validated, the application issues an
github stanford-oval / thingengine-core / platform / cloud / routes / oauth2.js View on Github external
//
// Copyright 2015 Giovanni Campagna 
//
// See COPYING for details

const Q = require('q');
const crypto = require('crypto');
const express = require('express');
const passport = require('passport');
const oauth2orize = require('oauth2orize');

const BasicStrategy = require('passport-http').BasicStrategy;
const ClientPasswordStrategy = require('passport-oauth2-client-password').Strategy;

// create OAuth 2.0 server
var server = oauth2orize.createServer();

const model = require('../model/oauth2');
const user = require('../util/user');
const db = require('../util/db');

var router = express.Router();

function makeRandom() {
    return crypto.randomBytes(32).toString('hex');
}

// These strategies are used to authenticate oauth2 clients, not
// to authenticate users
function authOAuth2Client(clientId, clientSecret, done) {
    db.withClient(function(dbClient) {
        return model.getClients(dbClient, clientId).then(function(rows) {
github openhab / openhab-cloud / routes / oauth2.js View on Github external
var oauth2orize = require('oauth2orize'),
    passport = require('passport'),
    OAuth2Client = require('../models/oauth2client'),
    OAuth2Code = require('../models/oauth2code'),
    OAuth2Token = require('../models/oauth2token'),
    OAuth2Scope = require('../models/oauth2scope'),
    logger = require('../logger.js'),
    server = oauth2orize.createServer();

// An application must supply serialization functions, which determine how the
// client object is serialized into the session.  Typically this will be a
// simple matter of serializing the client's ID, and deserializing by finding
// the client by ID from the database.

server.serializeClient(function (client, done) {
    return done(null, client._id);
});

server.deserializeClient(function (id, done) {
    OAuth2Client.findOne({
        _id: id
    }, function (error, client) {
        if (error) {
            logger.error('openHAB-cloud: deserializeClient: ' + error);
github FrankHassanabad / Oauth2orizeRecipes / authorization-server / oauth2.js View on Github external
//
// OAuth 2.0 specifies a framework that allows users to grant client
// applications limited access to their protected resources.  It does this
// through a process of the user granting access, and the client exchanging
// the grant for an access token.

const config      = require('./config');
const db          = require('./db');
const login       = require('connect-ensure-login');
const oauth2orize = require('oauth2orize');
const passport    = require('passport');
const utils       = require('./utils');
const validate    = require('./validate');

// create OAuth 2.0 server
const server = oauth2orize.createServer();

// Configured expiresIn
const expiresIn = { expires_in : config.token.expiresIn };

/**
 * Grant authorization codes
 *
 * The callback takes the `client` requesting authorization, the `redirectURI`
 * (which is used as a verifier in the subsequent exchange), the authenticated
 * `user` granting access, and their response, which contains approved scope,
 * duration, etc. as parsed by the application.  The application issues a code,
 * which is bound to these values, and will be exchanged for an access token.
 */
server.grant(oauth2orize.grant.code((client, redirectURI, user, ares, done) => {
  const code = utils.createToken({ sub : user.id, exp : config.codeToken.expiresIn });
  db.authorizationCodes.save(code, client.id, redirectURI, user.id, client.scope)
github amida-tech / DRE / lib / oauth2 / index.js View on Github external
update: function (token, expirationDate, userId, done) {
            AccessTokenModel.update({
                userId: userId
            }, {
                $set: {
                    token: token,
                    expirationDate: expirationDate
                }
            }, done);
        }
    };
})();

// create OAuth 2.0 server
var server = module.exports.oauth2server = oauth2orize.createServer();

server.serializeClient(function (client, done) {
    return done(null, client.id);
});

server.deserializeClient(function (id, done) {
    clients.find(id, function (err, client) {
        if (err) {
            return done(err);
        }
        return done(null, client);
    });
});

server.grant(oauth2orize.grant.code(function (client, redirectUri, user, ares, done) {
    var code = crypto.randomBytes(16).toString('hex');

oauth2orize

OAuth 2.0 authorization server toolkit for Node.js.

MIT
Latest version published 1 year ago

Package Health Score

62 / 100
Full package analysis

Popular oauth2orize functions