Class OAuth2Strategy<User>

Type Parameters

  • User

Hierarchy

Constructors

Properties

client: OAuth2Client
name: string = "oauth2"

The name of the strategy. This will be used by the Authenticator to identify and retrieve the strategy.

verify: VerifyFunction<User, VerifyOptions>

Methods

  • The authentication flow of the strategy.

    This method receives the Request from the authenticator we want to authenticate.

    At the end of the flow, it will return the User data to be used by the application.

    Parameters

    Returns Promise<User>

  • Return extra parameters to be included in the authorization request.

    Some OAuth 2.0 providers allow additional, non-standard parameters to be included when requesting authorization. Since these parameters are not standardized by the OAuth 2.0 specification, OAuth 2.0-based authentication strategies can override this function in order to populate these parameters as required by the provider.

    Parameters

    Returns URLSearchParams

  • Returns { codeVerifier: string; state: string; url: URL }

  • Get a new OAuth2 Tokens object using the refresh token once the previous access token has expired.

    Parameters

    • refreshToken: string

      The refresh token to use to get a new access token

    Returns Promise<OAuth2Tokens>

    The new OAuth2 tokens object

    let tokens = await strategy.refreshToken(refreshToken);
    console.log(tokens.accessToken());

  • Uses the token revocation endpoint of the identity provider to revoke the access token and make it invalid.

    Parameters

    • token: string

      The access token to revoke

    Returns Promise<void>

    // Get it from where you stored it
    let accessToken = await getAccessToken();
    // Pass the stored token string to the revocation endpoint
    await strategy.revokeToken(accessToken);

  • Parameters

    • code: string
    • codeVerifier: string

    Returns Promise<OAuth2Tokens>

  • Discover the OAuth2 issuer and create a new OAuth2Strategy instance from the OIDC configuration that is returned.

    This method will fetch the OIDC configuration from the issuer and create a new OAuth2Strategy instance with the provided options and verify function.

    Type Parameters

    Parameters

    • this: new (options: ConstructorOptions, verify: VerifyFunction<U, VerifyOptions>) => M
    • uri: string | URL

      The URI of the issuer. This can be a full URL or just the domain.

    • options: Pick<
          ConstructorOptions,
          "cookie"
          | "clientId"
          | "clientSecret"
          | "redirectURI"
          | "scopes",
      > & Partial<
          Omit<
              ConstructorOptions,
              "cookie"
              | "clientId"
              | "clientSecret"
              | "redirectURI"
              | "scopes",
          >,
      >

      The rest of the options to pass to the OAuth2Strategy constructor. clientId, clientSecret, redirectURI, and scopes are required.

    • verify: VerifyFunction<U, VerifyOptions>

      The verify function to use with the OAuth2Strategy instance

    Returns Promise<M>

    A new OAuth2Strategy instance

    let strategy = await OAuth2Strategy.discover(
      "https://accounts.google.com",
      {
        clientId: "your-client-id",
        clientSecret: "your-client-secret",
        redirectURI: "https://your-app.com/auth/callback",
        scopes: ["openid", "email", "profile"],
      },
      // The verify function receives the tokens returned by the provider
      async ({ tokens }) => {
        return getUserProfile(tokens.accessToken());
      },
    );
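
Discovery makes the client trust whatever endpoints the fetched document names, so the document should be checked before it is used. The following is an added example, not code from this library: `normalizeIssuer`, `discoveryURL`, `validateConfig` and the sample documents are hypothetical and constructed, while the well-known path and the issuer-match rule come from OpenID Connect Discovery 1.0.

```typescript
interface OIDCConfig {
  issuer: string;
  authorization_endpoint: string;
  token_endpoint: string;
  revocation_endpoint?: string;
}

const WELL_KNOWN = "/.well-known/openid-configuration";

// Accept a bare domain or a full URL; return the issuer without a trailing slash.
function normalizeIssuer(uri: string | URL): string {
  const raw = uri.toString().trim();
  const url = new URL(/^[a-z][a-z0-9+.-]*:\/\//i.test(raw) ? raw : `https://${raw}`);
  if (url.protocol !== "https:") throw new Error(`issuer must use https: ${raw}`);
  return url.origin + url.pathname.replace(/\/+$/, "");
}

// URL the configuration document is fetched from.
function discoveryURL(uri: string | URL): URL {
  return new URL(normalizeIssuer(uri) + WELL_KNOWN);
}

// Reject a document that names a different issuer or non-HTTPS endpoints.
// Assumption: trailing slashes are ignored when comparing issuers; the
// specification itself asks for an exact match.
function validateConfig(uri: string | URL, doc: Record<string, unknown>): OIDCConfig {
  const expected = normalizeIssuer(uri);
  const issuer = String(doc.issuer ?? "").replace(/\/+$/, "");
  if (issuer !== expected) throw new Error(`issuer mismatch: got "${issuer}", want "${expected}"`);
  for (const key of ["authorization_endpoint", "token_endpoint", "revocation_endpoint"]) {
    const value = doc[key];
    if (value === undefined && key === "revocation_endpoint") continue; // optional
    if (typeof value !== "string" || !value.startsWith("https://")) {
      throw new Error(`${key} must be an https URL`);
    }
    new URL(value); // throws on a malformed URL
  }
  return doc as unknown as OIDCConfig;
}

// Constructed sample documents (not real provider responses).
const good = {
  issuer: "https://idp.example",
  authorization_endpoint: "https://idp.example/oauth/authorize",
  token_endpoint: "https://idp.example/oauth/token",
  revocation_endpoint: "https://idp.example/oauth/revoke",
};
const wrongIssuer = { ...good, issuer: "https://other-idp.example" };
const plainHttp = { ...good, token_endpoint: "http://idp.example/oauth/token" };
```
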