egg-oauth2-server

Install

$ npm i egg-oauth2-server --save

Usage

// {app_root}/config/plugin.js
exports.oauth2Server = {
  enable: true,
  package: 'egg-oauth2-server',
};

// {app_root}/app/router.js
app.all('/user/grant', app.oauth.grant());
app.get('/user/check', app.oauth.authorise(), 'user.check');

Configuration

// {app_root}/config/config.default.js
module.exports = config => {
  const exports = {};
  exports.oauth2Server = {
    debug: config.env === 'local',
    grants: [ 'password' ],
  };
  return exports;
};

See test/fixtures/apps/oauth2-server-test/config/config.unittest.js for reference.

Full description see https://www.npmjs.com/package/oauth2-server.

Implementation Example

A simple implementation of password mode OAuth 2.0 server, see test/fixtures/apps/oauth2-server-test/app/extend/oauth.js

// {app_root}/app/extend/oauth.js
'use strict';

module.exports = () => {
  const model = {};
  model.getClient = (clientId, clientSecret, callback) => {};
  model.grantTypeAllowed = (clientId, grantType, callback) => {};
  model.getUser = (username, password, callback) => {}; // only for password mode
  model.saveAccessToken = (accessToken, clientId, expires, user, callback) => {};
  model.getAccessToken = (bearerToken, callback) => {};
  return model;
};

Full description see https://www.npmjs.com/package/oauth2-server.

password mode app.oauth.grant() lifecycle

getClient --> grantTypeAllowed --> getUser --> saveAccessToken

password mode app.oauth.authorise() lifecycle

Only getAccessToken

Questions & Suggestions

Please open an issue here.

License

MIT