new OAuth2Auth()
Methods
api(method, path, params, handler) → {OAuth2Auth}
Call OAuth2 APIs.
Parameters:
Name | Type | Description |
---|---|---|
method |
Object | HttpMethod |
path |
string | target path |
params |
Object | parameters |
handler |
function | handler |
Returns:
self
- Type
- OAuth2Auth
authenticate(arg0, arg1)
Parameters:
Name | Type | Description |
---|---|---|
arg0 |
Object | |
arg1 |
function |
authorizeURL(params) → {string}
Generate a redirect URL to the authN/Z backend. It only applies to auth_code flow.
Parameters:
Name | Type | Description |
---|---|---|
params |
Object |
Returns:
- Type
- string
decodeToken(token, handler) → {OAuth2Auth}
Decode a token to a AccessToken object. This is useful to handle bearer JWT tokens.
Parameters:
Name | Type | Description |
---|---|---|
token |
string | the access token (base64 string) |
handler |
function | A handler to receive the event |
Returns:
self
- Type
- OAuth2Auth
getFlowType() → {Object}
Returns the configured flow type for the Oauth2 provider.
Returns:
the flow type.
- Type
- Object
getScopeSeparator() → {string}
Returns the scope separator.
The RFC 6749 states that a scope is expressed as a set of case-sensitive and space-delimited strings, however
vendors tend not to agree on this and we see the following cases being used: space, plus sign, comma.
Returns:
what value was used in the configuration of the object, falling back to the default value which is a space.
- Type
- string
getToken(params, handler)
Returns the Access Token object.
Parameters:
Name | Type | Description |
---|---|---|
params |
Object | JSON with the options, each flow requires different options. |
handler |
function | The handler returning the results. |
hasJWTToken() → {boolean}
Returns true if this provider supports JWT tokens as the access_token. This is typically true if the provider
implements the `openid-connect` protocol. This is a plain return from the config option jwtToken, which is false
by default.
This information is important to validate grants. Since pure OAuth2 should be used for authorization and when a
token is requested all grants should be declared, in case of openid-connect this is not true. OpenId will issue
a token and all grants will be encoded on the token itself so the requester does not need to list the required
grants.
Returns:
true if openid-connect is used.
- Type
- boolean
introspectToken(token, tokenType, handler) → {OAuth2Auth}
Query an OAuth 2.0 authorization server to determine the active state of an OAuth 2.0 token and to determine
meta-information about this token.
Parameters:
Name | Type | Description |
---|---|---|
token |
string | the access token (base64 string) |
tokenType |
string | hint to the token type e.g.: `access_token` |
handler |
function | A handler to receive the event |
Returns:
self
- Type
- OAuth2Auth