npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

coauth

v0.0.1

Published

OAuth client for apis using noauth

Downloads

7

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

dimsmoldimsmol

Keywords

Readme

Usage

NOTE coauth client scripts use JSON object, so provide a polyfill if you need it for old browsers.

  • Add coauth resources to your contract (see resources)
  • Provide pages for options.authPageUrl and options.resultPageUrl with appropriate scripts (examples can be found in page_examples directory)
  • Add coauth client script to your page
  • Use script when need to authenticate

Workflow

auth

  • Script opens stub window with url options.authPageUrl
  • Script obtains auth url from auth_url resource
  • Script redirects opened window to auth url
  • External system acts, then redirects to stub window with url options.resultPageUrl
  • Script performs request to 'result' resource to obtain auth result and calls your callback function providing error or result

If you want to perform last step by yourself (to customise it or whatever), you can set options.customAuthResultRequest = true then instead of the last step the following will happen:

  • Script composes data for obtaining auth result and calls your callback function, providing them as 'result' argument
  • Your callback function must itself perform request to get auth result
    • You can use auth.authResultHttpRequest() and auth.authResultFrameRequest() helper functions for this if you just want modified headers or data to be sent to standard 'result' resource
  • To close any windows or frames created your callback must call authWorker.closeWindow() after all is done

tryAuth

The same as auth, but tries to do all the things within hidden iframe.

Works only if external service can authenticate a user without interaction (redirects back instantly). Otherwise will fail on timeout.

Resources

Resource creation provided by ResourceCreator class.

auth_url

Generates external system auth url.

Use createAuthUrlResource() method.

result

Exchanges data obtained after redirection to auth url with auth result.

Use createAuthResultResource() method.

js

For test purposes only. Exposes coauth client script.

Use createJsResource() method .

Client script

Usage

var auth = new coauth.Auth(url);

var options = {
	providerType: 'fb',
	authPageUrl: '/heading/to/external/system/page',
	resultPageUrl: 'http://example.com/comming/back/page'
};

var authWorker = auth.auth(options, function(err, result) {
	if(err) {
		console.log('err', err);
	} else {
		console.log('result', result);

		// if options.customAuthResultRequest == true
		// call your result resource providing 'result' parameter,
		// on complete call:
		// authWorker.closeWindow();
	}
});

Options

Required options are:

  • providerType
  • authPageUrl
  • resultPageUrl
{
	providerType: '', // provider type
	identity: null, // your identity if need
	hidden: false, // if true, make auth() work exactly as tryAuth(), has no effect for tryAuth()

	authPageUrl: '', // stub page to show before redirection to external system, must contain appropriate sript (see page_examples dir)
	resultPageUrl: '', // stub page to show on redirection from external system, must contain appropriate sript (see page_examples dir) and must be full url (because will be used as redirect URI)

	customAuthResultRequest: false, // set to true if want to request result resource by yourself
	postMessageWorkaroundFuncName: '', // what function to call on opened window if postMessage() doesn't work
	tryAuthTimeout: 5000, // timeout for tryAuth(), null - use default, 0 - no timeout

	window: {
		features: 'dialog=true', // features of popup window
		closeCheckInterval: 200 // how often to check if window is closed by user, ms
	},

	auth: { // provider-specific auth step options
		scope: [] // permissions requested
		// other provider-specific options
	},

	result: { // provider-specific result obtaining step options
		fields: [] // fields requested
		// other provider-specific options
	}
}

Response

All server response objects have following properties:

  • status - HTTP status
  • headers - optional headers
  • data - data sent by server, contains actual result (see below)
  • transport - optional, xhr object in case of xhr request

Result

For standard flow, see Validation.AuthResult

For customAuthResultRequest == true result contains at least following:

  • identity
  • providerType
  • options (options.result subpart only)

Possible errors in callback function

Error is an Error with following possible properties:

  • code - error code
  • status - optional http status
  • message - optional error message
  • response - optional response as obtained from server
  • optional other attributes

coauth errors:

  • WindowClosed - user closed auth window
  • Timeout - tryAuth() timeout
  • 400 ValidationError - invalid arguments

Noauth/provider errors:

  • 400 InputError - data provided to noauth are invalid (possibly error in options)
  • 409 UserDenied - user rejected to authenticate
  • 500 ProviderConnectionError - cannot connect to provider
  • 500 ProviderTechnicalError - provider experiences technical problems (returns 500, 502, "unknown error", etc.)
  • 500 ProviderError - other provider-related error (can indicate problems with coauth)

Other errors are unlikely, but still can be raised.

License

MIT