npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

openid-connect-wo

v1.2.5

Published

This is a fork from https://github.com/agmoyano/OpenIDConnect. This is a fully functional OAuth 2 server implementation, with support for OpenID Connect specification. Based on https://github.com/ammmir/node-oauth2-provider.

Downloads

1

Readme

OAuth 2 Server with OpenID Connect support

This is a fully functional OAuth 2 server implementation, with support for OpenID Connect specification. Based on https://github.com/ammmir/node-oauth2-provider.

News

Major rewrite. Now we use modelling for Model part.

Install

Install via npm:

npm install --save openid-connect

You can add it to your Connect or Express application as another middleware. Be sure to enable the bodyParser and query middleware.

To use it inside your project, just do:

var oidc = require('openid-connect').oidc(options);

and then, for example, with express

app.get('/authorization', oidc.auth());

Options

When you require openid-connect, you may specify options. If you specify them, it must be with a json object with the following properties (all of them are optional):

  • login_url

    URL where login form can be found. Defaults to "/login".

  • consent_url

    URL where consent form can be found. Defaults to "/consent".

  • scopes

    Json object of type { scope name: scope description, ... } used to define custom scopes.

  • models

    Models as described in modelling.

    Actually OpenIDConnect defines 6 models:

    • user: Where user data is stored (email, password, etc).
    • client: Where user can register a client app that will use your project for authentication/authorization.
    • consent: Where user consent of certain scopes for a particular client is stored.
    • auth: Where authorization data is stored (token, expiration date, etc).
    • access: Where access data is stored (token, expiration date, etc).
    • refresh: Where refresh data is stored (token, expiration date, etc).

    You can overwrite any part of any model of OpenIDConnect, or overwrite all of them.

    If you overwrite user model, the new model should conform with OpenID Connect Standard Claims, in order to comply with the spec.

  • adapters

    Adapters as described in modelling.

  • connections

    Connections as described in modelling.

  • policies

    Policies as described in modelling.

  • alien

    You can use your own Waterline collections with OpenIDConnect.

    If you define an alien collection with the same name of one of the models in OpenIDConnect, the last one will be replaced.

    For example:

    var orm = new Waterline();
      
    var MyUserModel = Waterline.collection.extend({
    	identity: 'user',
    	//Collection definition here.
    });
      
    var MyUsersCarModel = Waterline.collection.extend({
    	identity: 'car',
    	//Collection definition here.
    });
      
    var config = {
      collections: {
      	user: MyUserModel, //replace OpenIDConnect user model. 
      	car: MyUsersCarModel //add new model
      }
    }
      
    orm.initialize(config, function(err, result) {
    	var options = {
    		alien: result.collections
    	}
      
    	var oidc = require('openid-connect').oidc(options);
      
    	app.get('/cars', oidc.use(['user', 'car']), function(req, res, next) {
    		...
    	});
    });

    Beware that if you replace an OpenIDConnect model, you won't be able to use populate with other OpenIDConnect models.

    If you replace user model, the new model should conform with OpenID Connect Standard Claims, in order to comply with the spec.

  • orm

    You can replace the whole OpenIDConnect modelling instance with your own.

    Beware that you must implement at least all models and exept for user model, all attributes.

    If in your models, you set autoPK to false, they must have an id attribute that is primary key.

    Notice that you can get OpenIDConnect's default models with require('openid-connect').defaults().models.

    var orm = new modelling(options);
      
    var oidc = require('openid-connect').oidc({orm: orm});

API

  • auth()

    returns a function to be placed as middleware in connect/express routing methods. For example:

    app.get('/authorization', oidc.auth());

    This is the authorization endpoint, as described in http://tools.ietf.org/html/rfc6749#section-3.1

  • consent()

    returns a function to be placed as middleware in connect/express routing methods. For example:

    app.post('/consent', oidc.consent());

    This method saves the consent of the resource owner to a client request, or returns an access_denied error.

  • token()

    returns a function to be placed as middleware in connect/express routing methods. For example:

    app.get('/token', oidc.token());

    This is the token endpoint, as described in http://tools.ietf.org/html/rfc6749#section-3.2

  • check(scope, ...)

    returns a function to be placed as middleware in connect/express routing methods. For example:

    app.get('/api/user', oidc.check('openid', /profile|email/), function(req, res, next) { ... });

    If no arguments are given, checks if user is logged in.

    Arguments may be of type string or regexp.

    This function is used to check if user logged in, if an access_token is present, and if certain scopes where granted to it.

  • removetokens()

    returns a function to be placed as middleware in connect/express routing methods. For example:

    app.get('/logout', oidc.removetokens(), function(req, res, next) { ... });

    This function removes all tokens that were issued to the user.

    access_token is required either as a parameter or as a Bearer token.

  • userInfo()

    returns a function to be placed as middleware in connect/express routing methods. For example:

    app.get('/api/user', oidc.userInfo());

    This function returns the user info in a json object. Checks for scope and login are included.

  • use([name])

    Same description as in modelling. If you defined alien models or your own orm you can call those models as well.

  • getOrm()

    Retrieves current orm of instance.

Example

There is a complete example here.

Help!

Any suggestions, bug reports, bug fixes, pull requests, etc, are very wellcome (here).

Thanks for reading!.