Client library for OctoAuth identity server...
npm install --save octoauth-client
Illustration: implementation of the PKCE flow for a public client
Instantiate the OctoAuth client.
import {OctoAuthClient} from 'octoauth-client'
const octo = new OctoAuthClient({
  clientId: 'social-network',
  redirectURI: 'http://social.example.com',
  scopes: ['friends:read', 'friends:edit'],
  serverURL: 'https://accounts.example.com'
})
Redirect the user to the authorization server's /authorize view
octo.redirectToAuthorization();
Handle the authorization response (redirects to authorization if no response is found)
const authorizationCode = octo.getAuthorizationCode()
octo.getTokenGrantFromCode(authorizationCode)
  .then(() => console.log("token grant has been loaded"))
  // Promises expose .catch() for rejections, not .error()
  .catch(() => console.log("failed to get tokenGrant"));
Reload authorization from the stored refresh_token
octo.reloadAuthorization()
  .then(() => console.log("authorization reloaded"))
  // Promises expose .catch() for rejections, not .error()
  .catch(() => console.log("no suitable authorization stored"));
Register a function that is notified on token change
octo.accessToken.addObserver(accessToken => {
  console.log("new access token value", accessToken);
})
- Proof Key for Code Exchange by OAuth Public Clients (RFC 7636)
- Generate cryptographically secure random numbers
- Support both implicit flow and authorization code with PKCE.
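
The PKCE and secure-random items above, shown as an added example that is not octoauth-client's own code: it derives a code_verifier and S256 code_challenge as RFC 7636 specifies, plus the comparison the authorization server performs at the token endpoint. It assumes Node.js and its built-in crypto module; the function names are hypothetical.

```javascript
// Added example (not octoauth-client code): PKCE values per RFC 7636.
const nodeCrypto = require('node:crypto');

// base64url without padding (RFC 7636 Appendix A).
function base64url(buf) {
  return buf.toString('base64').replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

// 32 octets from the CSPRNG give a 43-character verifier (RFC 7636 section 4.1).
function createCodeVerifier() {
  return base64url(nodeCrypto.randomBytes(32));
}

// S256 transform: BASE64URL(SHA256(ASCII(code_verifier))) (section 4.2).
function createCodeChallenge(verifier) {
  if (!/^[A-Za-z0-9\-._~]{43,128}$/.test(verifier)) {
    throw new RangeError('code_verifier must be 43-128 unreserved characters');
  }
  return base64url(nodeCrypto.createHash('sha256').update(verifier, 'ascii').digest());
}

// Server side at the token endpoint (section 4.6): recompute the challenge
// from the presented verifier and compare it with the one stored at /authorize.
function verifyCodeVerifier(verifier, storedChallenge) {
  let computed;
  try { computed = Buffer.from(createCodeChallenge(verifier)); } catch { return false; }
  const stored = Buffer.from(String(storedChallenge));
  return computed.length === stored.length && nodeCrypto.timingSafeEqual(computed, stored);
}

// Client side: keep the verifier private, send only the challenge to /authorize.
const verifier = createCodeVerifier();
const challenge = createCodeChallenge(verifier);
console.log({ code_challenge: challenge, code_challenge_method: 'S256' });
console.log('matching verifier accepted:', verifyCodeVerifier(verifier, challenge));
console.log('other verifier rejected:', !verifyCodeVerifier(createCodeVerifier(), challenge));
```

In a browser the same values come from crypto.getRandomValues and crypto.subtle.digest.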