npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

local-tokens

v0.2.1

Published

Bundled oauth-mock-server with pre-configured token clients (sinple-oauth2) for testing services and middleware

Downloads

6

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

electblakeelectblake

Keywords

testingoauthtokenslocalhostmocksoauth-mock-serverauthtoken-verifysimple-oauth2

Readme

Local Tokens

Get a working oauth mock server for testing, with pre-configured clients to generate tokens

Features

  • Start a local oauth mock server
  • Can utilize JWKS URIs for token validation
  • Can generate tokens via Client Credentials and Password Grants
  • Works with token-verify

Overview

Example Test

We love vitest, but should work in any test-runner you like:

import LocalTokens from 'local-tokens'
import { JwtClient } from 'token-verify'

describe('My Program', () => {
  it('can create token with pre-built password grant client', async () => {
    const audience = 'apiAudience'
    const server = new LocalTokenServer({ audience, secret: 'not-really-a-secret' })
    // start the server, to resolve URLs
    const { openidUri, tokenHost, jwksUri } = await server.start(3000, 'localhost')
    // openidUri - tokenHost/.well-known/openid-configuration
    // jwksUri - tokenHost/jwks
    // tokenHost - http://localhost:3000

    // ok now get a client and try it out
    // - ClientCredentials client also available
    const { ResourceOwnerPassword } = server.buildClients()

    expect(ResourceOwnerPassword).toBeTruthy()
    expect(ResourceOwnerPassword).toHaveProperty('getToken')

    const res = await ResourceOwnerPassword.getToken({
      // any username and password are accepted
      username: 'foo',
      password: 'bar',
      // scopes are respected unless hooks have modified
      scope: 'openid offline_access profile email address phone',
    })

    const token = res.token.access_token

    // verify token and get payload
    const verify = new JwtClient({ audience, jwksUri, issuer: [tokenHost] })
    const payload = await verify.verifyAndDecode(token)
    console.log('payload', payload)
    // success
    expect(payload.aud).toBeStrict([audience])
    await server.stop()
  })
})

Using Hooks

Hooks are how to modify the server behaviour when creating tokens, validating requests and more!

Debugging

Local Tokens server utilizes the well-known debug package, so debugging scopes is similar to expressjs

DEBUG=local-tokens:* npm run test

Contributor Commands

| Command | Purpoose | |---------------------------------|-------------------------------| | make install or brew bundle | install system dependencies | | npm run test | execute vitest | | npm run build or make build | build for any nodejs platform |

Attributions

  • https://github.com/axa-group/oauth2-mock-server
  • https://www.npmjs.com/package/simple-oauth2