Class: OAuth2

OAuth2

new OAuth2() → {object}

The global oauth2 object is the entry point for all methods
Returns:
oauth2 - The oauth2 api
Type
object

Methods

add(name, settings={}) → {void}

The OAuth2 adapter is the default type used when creating a new authorization module. This constructor is instantiated when the "add()" method is called
Parameters:
Name Type Argument Description
name String the name used to reference this particular authz module
settings={} Object the settings to be passed to the adapter
settings.clientId String the client id/ app Id of the protected service
settings.base String base url for all endpoints e.g. "https://accounts.google.com"
settings.accessTokenEndpoint String url to get the token
settings.refreshTokenEndpoint String url to refresh the token
settings.revokeTokenEndpoint String url to revoke the token
settings.redirectURL String the URL to redirect to
settings.authEndpoint String the endpoint for authorization
settings.validationEndpoint String <optional> the optional endpoint to validate your token. Not in the spec, but recommended for use with Google's APIs
settings.scopes String a space separated list of "scopes" or things you want to access
Returns:
Type
void
Example
oauth2.add({
    name: "coolThing",
    settings: {
        clientId: "12345",
        redirectURL: "http://localhost:3000/redirector.html",
        authEndpoint: "http://localhost:3000/v1/authz",
        scopes: "userinfo coolstuff"
    }
});

addFacebook(name, settings={}) → {void}

Convenience function to add Facebook as a provider
Parameters:
Name Type Description
name String the name used to reference this particular authz module
settings={} Object the settings to be passed to the adapter
settings.clientId String the client id/ app Id of the protected service
settings.clientSecret String the client secret
settings.scopes String comma separated list of "scopes" you want access to
Returns:
Type
void
Example
oauth2.addFacebook({
  name: 'facebook',
  settings: {
    clientId: '1511044619160050',
    clientSecret: '3b08052d3d96e2120f2c53a36eebd02f',
    scopes: 'photo_upload, publish_actions'
  }
});

addGoogle(name, settings={}) → {void}

Convenience function to add google as a provider
Parameters:
Name Type Description
name String the name used to reference this particular authz module
settings={} Object the settings to be passed to the adapter
settings.clientId String the client id/ app Id of the protected service
settings.scopes String a space separated list of "scopes" or things you want to access
Returns:
Type
void
Example
oauth2.addGoogle({
    name: 'gplus',
    settings: {
      clientId: "617285928032-nnkcrot1827fmd738pug6clbqlgosffs.apps.googleusercontent.com",
      scopes: 'https://www.googleapis.com/auth/drive'
    }
  });

addKeycloak(name, settings={}) → {void}

Convenience function to add keycloak as a provider
Parameters:
Name Type Description
name String the name used to reference this particular authz module
settings={} Object the settings to be passed to the adapter
settings.base String base url for all endpoints e.g. "https://keycloak:8080/auth"
settings.clientId String the client id/ app Id of the protected service
settings.realm String the keycloak realm
Returns:
Type
void
Example
oauth2.addKeycloak({
    name: 'keycloak',
    settings: {
      base: 'http://192.168.1.15:8080/auth',
      clientId: 'shoot-third-party',
      realm: "shoot-realm"
    }
  });  

requestAccess() → {Object}

Request Access - If the client has no accessToken, this will initiate the OAuth "dance" and return the accessToken. If an accessToken was already supplied, it is returned immediately.
Returns:
An ES6 promise (accessToken as the response parameter; rejected if an error is returned)
Type
Object
Example
oauth2.add({
    name: "coolThing",
    settings: {
        clientId: "12345",
        redirectURL: "http://localhost:3000/redirector.html",
        authEndpoint: "http://localhost:3000/v1/authz",
        scopes: "userinfo coolstuff"
    }
});
// Make the call.
authz.services.coolThing.requestAccess()
    .then( function( accessToken ){
        // ...
    })
    .catch( function( error ) {
        // an error happened
    });
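
Added example, not part of the original documentation or the plugin's code: a pre-flight check over the provider objects passed to add(), addFacebook() and addKeycloak(), flagging cleartext http URLs off loopback and an embedded clientSecret. auditProvider and its finding strings are hypothetical, and resolving relative endpoints against settings.base is an assumption.

```javascript
// Added example; auditProvider and its finding strings are hypothetical helpers,
// not part of the oauth2 plugin API.
const URL_KEYS = ["base", "authEndpoint", "accessTokenEndpoint", "refreshTokenEndpoint",
  "revokeTokenEndpoint", "validationEndpoint", "redirectURL"];
const LOOPBACK = new Set(["localhost", "127.0.0.1", "[::1]"]);

function auditProvider(provider) {
  const findings = [];
  const settings = (provider && provider.settings) || {};
  if (!provider || typeof provider.name !== "string" || provider.name === "") {
    findings.push("name: missing");
  }
  if (!settings.clientId) findings.push("clientId: missing");
  // A secret shipped inside a client-side app can be read by anyone holding the app.
  if (settings.clientSecret) findings.push("clientSecret: embedded in client configuration");
  for (const key of URL_KEYS) {
    if (settings[key] === undefined) continue;
    let url;
    try {
      // Assumption: relative endpoints are resolved against settings.base.
      url = new URL(settings[key], key === "base" ? undefined : settings.base);
    } catch (err) {
      findings.push(key + ": not a resolvable URL");
      continue;
    }
    // Tokens and authorization codes cross these URLs; plain http is only
    // tolerable on loopback during development.
    if (url.protocol === "http:" && !LOOPBACK.has(url.hostname)) {
      findings.push(key + ": cleartext http to " + url.hostname);
    }
  }
  return findings;
}

// Constructed sample definitions, shaped like the ones on this page.
const samples = [
  { name: "coolThing", settings: { clientId: "12345",
      redirectURL: "http://localhost:3000/redirector.html",
      authEndpoint: "http://localhost:3000/v1/authz", scopes: "userinfo coolstuff" } },
  { name: "keycloak", settings: { base: "http://192.168.1.15:8080/auth",
      clientId: "shoot-third-party", realm: "shoot-realm" } },
  { name: "facebook", settings: { clientId: "constructed-id",
      clientSecret: "constructed-secret", scopes: "photo_upload, publish_actions" } }
];
for (const sample of samples) {
  console.log(sample.name, auditProvider(sample));
}
```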