How to use the passport-oauth2-client-password.Strategy function in passport-oauth2-client-password

To help you get started, we’ve selected a few passport-oauth2-client-password examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github node-red / node-red / packages / node_modules / @node-red / editor-api / lib / auth / strategies.js View on Github external
}
    });
}
bearerStrategy.BearerStrategy = new BearerStrategy(bearerStrategy);

var clientPasswordStrategy = function(clientId, clientSecret, done) {
    Clients.get(clientId).then(function(client) {
        if (client && client.secret == clientSecret) {
            done(null,client);
        } else {
            log.audit({event: "auth.invalid-client",client:clientId});
            done(null,false);
        }
    });
}
clientPasswordStrategy.ClientPasswordStrategy = new ClientPasswordStrategy(clientPasswordStrategy);

var loginAttempts = [];
var loginSignInWindow = 600000; // 10 minutes


var passwordTokenExchange = function(client, username, password, scope, done) {
    var now = Date.now();
    loginAttempts = loginAttempts.filter(function(logEntry) {
        return logEntry.time + loginSignInWindow > now;
    });
    loginAttempts.push({time:now, user:username});
    var attemptCount = 0;
    loginAttempts.forEach(function(logEntry) {
        /* istanbul ignore else */
        if (logEntry.user == username) {
            attemptCount++;
github node-red / node-red / red / api / auth / strategies.js View on Github external
}
    });
}
bearerStrategy.BearerStrategy = new BearerStrategy(bearerStrategy);

var clientPasswordStrategy = function(clientId, clientSecret, done) {
    Clients.get(clientId).then(function(client) {
        if (client && client.secret == clientSecret) {
            done(null,client);
        } else {
            log.audit({event: "auth.invalid-client",client:clientId});
            done(null,false);
        }
    });
}
clientPasswordStrategy.ClientPasswordStrategy = new ClientPasswordStrategy(clientPasswordStrategy);

var loginAttempts = [];
var loginSignInWindow = 600000; // 10 minutes


var passwordTokenExchange = function(client, username, password, scope, done) {
    var now = Date.now();
    loginAttempts = loginAttempts.filter(function(logEntry) {
        return logEntry.time + loginSignInWindow > now;
    });
    loginAttempts.push({time:now, user:username});
    var attemptCount = 0;
    loginAttempts.forEach(function(logEntry) {
        /* istanbul ignore else */
        if (logEntry.user == username) {
            attemptCount++;
github ZZROTDesign / alpine-ghost / ghost / core / server / middleware / index.js View on Github external
setupMiddleware = function setupMiddleware(blogApp, adminApp) {
    var logging = config.logging,
        corePath = config.paths.corePath;

    passport.use(new ClientPasswordStrategy(authStrategies.clientPasswordStrategy));
    passport.use(new BearerStrategy(authStrategies.bearerStrategy));

    // Initialize OAuth middleware
    oauth.init();

    // Make sure 'req.secure' is valid for proxied requests
    // (X-Forwarded-Proto header will be checked, if present)
    blogApp.enable('trust proxy');

    // Logging configuration
    if (logging !== false) {
        if (blogApp.get('env') !== 'development') {
            blogApp.use(logger('combined', logging));
        } else {
            blogApp.use(logger('dev', logging));
        }
github felixrieseberg / Ghost-Azure / core / server / middleware / index.js View on Github external
blogApp.use(compress());
    }

    // ## View engine
    // set the view engine
    blogApp.set('view engine', 'hbs');

    // Create a hbs instance for admin and init view engine
    adminApp.set('view engine', 'hbs');
    adminApp.engine('hbs', adminHbs.express3({}));

    // Load helpers
    helpers.loadCoreHelpers(adminHbs);

    // Initialize Auth Handlers & OAuth middleware
    passport.use(new ClientPasswordStrategy(authStrategies.clientPasswordStrategy));
    passport.use(new BearerStrategy(authStrategies.bearerStrategy));
    oauth.init();

    // Make sure 'req.secure' is valid for proxied requests
    // (X-Forwarded-Proto header will be checked, if present)
    blogApp.enable('trust proxy');

    // Logging configuration
    if (logging !== false) {
        if (blogApp.get('env') !== 'development') {
            blogApp.use(logger('combined', logging));
        } else {
            blogApp.use(logger('dev', logging));
        }
    }
github GPII / universal / gpii / node_modules / gpii-oauth2 / gpii-oauth2-authz-server / src / AuthServer.js View on Github external
gpii.oauth2.passport.listenPassport = function (passport, clientService) {
    // ClientPasswordStrategy reads the client_id and client_secret from the
    // request body. Can also use a BasicStrategy for HTTP Basic authentication.
    passport.use(new ClientPasswordStrategy(
        function (oauth2ClientId, oauth2ClientSecret, done) {
            var clientPromise = clientService.authenticateClient(oauth2ClientId, oauth2ClientSecret);
            gpii.oauth2.oauth2orizeServer.promiseToDone(clientPromise, done);
        }
    ));
};
github materiahq / materia-server / src / api / oauth.ts View on Github external
expires_in: new Date(new Date().getTime() + 3600 * 48 * 1000),
						username: 'admin',
						scope: ['*']
					});
					// Return the token
					return done(
						null /* No error*/,
						token /* The generated token*/,
						null /* The generated refresh token, none in this case */,
						null /* Additional properties to be merged with the token and send in the response */
					);
				})
			)
		);

		passport.use('clientPassword', new ClientPasswordStrategy(this.verifyLogin.bind(this)));
		passport.use('accessToken', new BearerStrategy(this.verifyToken.bind(this)));
	}
github mulesoft / osprey / lib / security / handler.js View on Github external
invariant(
    typeof options.findUserByToken === 'function',
    'Option "findUserByToken" must be a function: %s',
    'https://github.com/jaredhanson/passport-http-bearer#configure-strategy'
  )

  invariant(
    typeof options.authenticateClient === 'function',
    'Option "authenticateClient" must be a function: %s',
    'https://github.com/jaredhanson/passport-oauth2-client-password#configure-strategy'
  )

  // Set up passport for authentication.
  passport.use(BASIC_KEY, new BasicStrategy(options.authenticateClient))
  passport.use(CLIENT_PASSWORD_KEY, new ClientPasswordStrategy(options.authenticateClient))
  passport.use(BEARER_KEY, new BearerStrategy(options.findUserByToken))

  var accessTokenUri = parse(options.accessTokenUri || settings.accessTokenUri).path

  // Body parsing middleware for OAuth 2.0 routes.
  var parseBody = [bodyParser.json(), bodyParser.urlencoded({ extended: false })]

  invariant(
    validPathEnding(settings.accessTokenUri, accessTokenUri),
    '`accessTokenUri` must match the suffix of the RAML `accessTokenUri` setting'
  )

  // Skip authorization page logic if not required.
  if (
    settings.authorizationGrants.indexOf('code') > -1 ||
    settings.authorizationGrants.indexOf('token') > -1
github smooth-code / blog / core / server / auth / passport.js View on Github external
exports.init = function initPassport() {
    passport.use(new ClientPasswordStrategy(authStrategies.clientPasswordStrategy));
    passport.use(new BearerStrategy(authStrategies.bearerStrategy));

    return passport.initialize();
};
github Burtonium / node-from-scratch / authentication / strategies / clientpassword.strategy.js View on Github external
module.exports = function() {
    passport.use('client-password', new ClientPasswordStrategy(
        function(clientId, secret, done) {
            clients.findOne({client_id: clientId})
                .then(client => verifyClient(client, secret))
                .then((client) => {
                    return done(null, client);
                }).catch(err => {
                    return done(err);
                });
        }
    ));
};
github TryGhost / Ghost / core / server / services / auth / passport.js View on Github external
exports.init = function initPassport() {
    passport.use(new ClientPasswordStrategy(authStrategies.clientPasswordStrategy));
    passport.use(new BearerStrategy(authStrategies.bearerStrategy));

    return passport.initialize();
};

passport-oauth2-client-password

OAuth 2.0 client password authentication strategy for Passport.

MIT
Latest version published 10 years ago

Package Health Score

50 / 100
Full package analysis

Popular passport-oauth2-client-password functions