new OAuth2() → {object}
The global oauth2 object is the entry point for all methods.
Returns:
oauth2 - The oauth2 api
Type: object
Methods
add(name, settings={}) → {void}
The OAuth2 adapter is the default type used when creating a new authorization module. This constructor is instantiated when the "add()" method is called.
Parameters:
| Name | Type | Argument | Description |
|---|---|---|---|
| name | String | | the name used to reference this particular authz module |
| settings={} | Object | | the settings to be passed to the adapter |
| settings.clientId | String | | the client id / app id of the protected service |
| settings.base | String | | base url for all endpoints, e.g. "https://accounts.google.com" |
| settings.accessTokenEndpoint | String | | url to get the token |
| settings.refreshTokenEndpoint | String | | url to refresh the token |
| settings.revokeTokenEndpoint | String | | url to revoke the token |
| settings.redirectURL | String | | the URL to redirect to |
| settings.authEndpoint | String | | the endpoint for authorization |
| settings.validationEndpoint | String | <optional> | the optional endpoint to validate your token. Not in the spec, but recommended for use with Google's APIs |
| settings.scopes | String | | a space-separated list of "scopes" or things you want to access |

Returns:
Type: void
Example

    oauth2.add({
        name: "coolThing",
        settings: {
            clientId: "12345",
            redirectURL: "http://localhost:3000/redirector.html",
            authEndpoint: "http://localhost:3000/v1/authz",
            scopes: "userinfo coolstuff"
        }
    });
addFacebook(name, settings={}) → {void}
Convenience function to add Facebook as a provider.
Parameters:
| Name | Type | Description |
|---|---|---|
| name | String | the name used to reference this particular authz module |
| settings={} | Object | the settings to be passed to the adapter |
| settings.clientId | String | the client id / app id of the protected service |
| settings.clientSecret | String | the client secret |
| settings.scopes | String | comma-separated list of "scopes" you want access to |

Returns:
Type: void
Example

    oauth2.addFacebook({
        name: 'facebook',
        settings: {
            clientId: '1511044619160050',
            clientSecret: '3b08052d3d96e2120f2c53a36eebd02f',
            scopes: 'photo_upload, publish_actions'
        }
    });
addGoogle(name, settings={}) → {void}
Convenience function to add Google as a provider.
Parameters:
| Name | Type | Description |
|---|---|---|
| name | String | the name used to reference this particular authz module |
| settings={} | Object | the settings to be passed to the adapter |
| settings.clientId | String | the client id / app id of the protected service |
| settings.scopes | String | a space-separated list of "scopes" or things you want to access |

Returns:
Type: void
Example

    oauth2.addGoogle({
        name: 'gplus',
        settings: {
            clientId: "617285928032-nnkcrot1827fmd738pug6clbqlgosffs.apps.googleusercontent.com",
            scopes: 'https://www.googleapis.com/auth/drive'
        }
    });
addKeycloak(name, settings={}) → {void}
Convenience function to add Keycloak as a provider.
Parameters:
| Name | Type | Description |
|---|---|---|
| name | String | the name used to reference this particular authz module |
| settings={} | Object | the settings to be passed to the adapter |
| settings.base | String | base url for all endpoints, e.g. "https://keycloak:8080/auth" |
| settings.clientId | String | the client id / app id of the protected service |
| settings.realm | String | the Keycloak realm |

Returns:
Type: void
Example

    oauth2.addKeycloak({
        name: 'keycloak',
        settings: {
            base: 'http://192.168.1.15:8080/auth',
            clientId: 'shoot-third-party',
            realm: "shoot-realm"
        }
    });
requestAccess() → {Object}
Request Access - If the client has no accessToken, this will initiate the OAuth "dance" and return the accessToken. If an accessToken was already supplied, it will be returned immediately.
Returns:
The ES6 promise (accessToken as a response parameter; if an error is returned)
Type: Object
Example

    oauth2.add({
        name: "coolThing",
        settings: {
            clientId: "12345",
            redirectURL: "http://localhost:3000/redirector.html",
            authEndpoint: "http://localhost:3000/v1/authz",
            scopes: "userinfo coolstuff"
        }
    });

    // Make the call.
    authz.services.coolThing.requestAccess()
        .then( function( accessToken ){
            // use the accessToken here
        })
        .catch( function( error ) {
            // an error happened
        });
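
A pre-flight check for the settings objects passed to add() and the add* convenience functions, as an added example that is not part of the plugin or its documentation. lintSettings() and its messages are hypothetical; it assumes a relative endpoint inherits scheme and host from settings.base.

```javascript
// Added example. lintSettings() is a hypothetical helper, not part of the plugin;
// the field names are the ones documented on this page.
const URL_FIELDS = [
  "base", "authEndpoint", "accessTokenEndpoint", "refreshTokenEndpoint",
  "revokeTokenEndpoint", "validationEndpoint", "redirectURL"
];
const LOOPBACK_HOSTS = ["localhost", "127.0.0.1", "[::1]"];

function lintSettings(settings) {
  const findings = [];
  for (const field of URL_FIELDS) {
    const value = settings[field];
    if (value === undefined) continue;
    let url;
    try {
      // Assumption: a relative endpoint inherits scheme and host from settings.base.
      url = new URL(value, settings.base);
    } catch (err) {
      findings.push(field + ": cannot be parsed as a URL");
      continue;
    }
    // Plain http is tolerable only for loopback development servers.
    // Custom schemes (native-app redirects) are left alone.
    if (url.protocol === "http:" && !LOOPBACK_HOSTS.includes(url.hostname)) {
      findings.push(field + ": cleartext http to " + url.hostname +
        ", authorization codes and tokens can be read on the network");
    }
  }
  if (settings.clientSecret !== undefined) {
    findings.push("clientSecret: a secret shipped in client-side code can be " +
      "extracted, so it does not authenticate the app");
  }
  return findings;
}

// Constructed sample input modelled on the settings shapes shown above.
const samples = {
  localDev: { clientId: "12345", authEndpoint: "http://localhost:3000/v1/authz" },
  lanKeycloak: { base: "http://192.168.1.15:8080/auth", clientId: "demo", realm: "demo" },
  withSecret: { clientId: "demo", clientSecret: "constructed-secret" }
};
for (const [name, settings] of Object.entries(samples)) {
  console.log(name, lintSettings(settings));
}
```

Run it over each settings object before registering the provider; an empty array means none of these checks fired.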