passport-openid-oauth20
v1.2.6
Published
OAuth 2.0 authentication strategy for OpenID profiles for Passport.
Downloads
381
Maintainers
Readme
passport-openid-oauth20
Passport strategy for authenticating with OpenID providers using the OAuth 2.0 API.
Install
npm install passport-openid-oauth20
Usage
Configure Strategy
The strategy requires a verify
callback, which receives the access token and optional
refresh token, as well as profile
which contains the authenticated user's
OpenID profile. The verify
callback must call cb
providing a user to
complete authentication.
var OpenIdOAuth2Strategy = require("passport-openid-oauth20").Strategy;
// Example using Google OpenID profile.
passport.use(
"google",
new OpenIdOAuth2Strategy(
{
authorizationURL: "https://accounts.google.com/o/oauth2/v2/auth",
tokenURL: "https://www.googleapis.com/oauth2/v4/token",
userProfileURL: "https://www.googleapis.com/oauth2/v3/userinfo",
clientID: GOOGLE_CLIENT_ID,
clientSecret: GOOGLE_CLIENT_SECRET,
callbackURL: "https://www.example.net/auth/google/callback"
},
function(accessToken, refreshToken, profile, cb) {
User.findOrCreate(
{ providerId: profile.id, provider: profile.provider },
function(err, user) {
return cb(err, user);
}
);
}
)
);
Authenticate Requests
Use passport.authenticate()
, specifying the strategy name, or 'openid-oauth20'
, to
authenticate requests.
For example, as route middleware in an Express application:
app.get(
"/auth/google",
passport.authenticate("google", { scope: ["profile"] })
);
app.get(
"/auth/google/callback",
passport.authenticate("google", { failureRedirect: "/login" }),
function(req, res) {
// Successful authentication, redirect home.
res.redirect("/");
}
);
License
Copyright (c) 2019 Christophe Querton <https://kertof.com/>