oauth-state-adapter
v0.0.3
Published
Create and share between workers, OAUTH state for authorization code, authorization code with PKCE and implicit grants
Downloads
2
Readme
Oauth state adapter
Create and share OAUTH state (authorization code, authorization code with PKCE and implicit grants) between workers.
Issues are welcome event for grammar and vocabulary mistakes
Why?
You have many workers running on the same port and all integrating Oauth v2 based authentication.
Let's see the authorization code
flow as example. A request to get a code
is sent to the oauth server with a state
that we generate (should be unique for each request). When the Oauth server send back a response with the code, the probability for the same worker which send the request to handle the response (redirection) is almost zero.
We need a way to share states
between workers so whatever the worker which catch the redirection, It'll able to validate the state and get the token.
Installation
Run the following command to install the package
npm install oauth-state-adapter
Available methods
setupOauthStateMaster
This function is mandatory to setup the oauth states management on the primary process. It doesn't have any parameter.
Function import
import { setupOauthStateMaster } from "oauth-state-adapter";
Function prototype
function setupOauthStateMaster(): void
setupOauthStateInstance
This function is mandatory to setup the oauth states management on the worker. It doesn't have any parameter.
Function import
import { setupOauthStateInstance } from "oauth-state-adapter";
Function prototype
function setupOauthStateInstance(): void
addState
This function can be anywhere in a worker to share a state between all workers.
Function import
import { addState } from "oauth-state-adapter";
Function prototype
function addState(state: string): void
removeState
This function can be anywhere in a worker to remove a state in all workers.
Function import
import { removeState } from "oauth-state-adapter";
Function prototype
function removeState(state: string): void
getStates
This function can be use anywhere in the app, both in primary process and workers. It return the list of states list.
Function import
import { getStates } from "oauth-state-adapter";
Function prototype
function getStates(): string[]
Full example
This example illustrate how states are shared arround workers.
import cluster, { Worker } from "cluster";
import { cpus } from "os";
import {
addState,
getStates,
removeState,
setupOauthStateInstance,
setupOauthStateMaster,
} from "oauth-state-adapter";
const totalCPUs = cpus().length;
if (cluster.isPrimary) {
console.log(`Number of CPUs is ${totalCPUs}`);
console.log(`Master ${process.pid} is running`);
/**
* Setup oauth state on primary worker
*/
setupOauthStateMaster();
// Fork workers.
for (let i = 0; i < totalCPUs; i++) {
cluster.fork();
}
cluster.on("exit", (worker: Worker, code: any, signal: any) => {
console.log(`worker ${worker.process.pid} died`);
console.log("Let's fork another worker!");
cluster.fork();
});
} else {
/**
* Setup oauth state on worker
*/
setupOauthStateInstance();
const state = `worker:${process.pid}`;
/**
* Add a state that will be share with all workers
*/
addState(state);
/**
* Remove the local state automatically after a random delay (0 - 50 seconds)
*/
setTimeout(() => {
console.log(`states before deletion ${process.pid}`, getStates());
/**
* Remove state in all workers
*/
removeState(state);
}, Math.round(Math.random() * 50 * 1000));
}