new OAuth2() → {object}
The global oauth2 object is the entry point for all methods
Returns:
oauth2 - The oauth2 api
- Type
- object
Methods
-
add(name, settings={}) → {void}
-
The OAuth2 adapter is the default type used when creating a new authorization module. This constructor is instantiated when the "add()" method is called
Parameters:
Name Type Argument Description nameString the name used to reference this particular authz module settings={}Object the settings to be passed to the adapter settings.clientIdString the client id/ app Id of the protected service settings.baseString base url for all endpoints e.g. "https://accounts.google.com" settings.accessTokenEndpointString url to get the token settings.refreshTokenEndpointString url to refresh the token settings.revokeTokenEndpointString url to revoke the token settings.redirectURLString the URL to redirect to settings.authEndpointString the endpoint for authorization settings.validationEndpointString <optional>
the optional endpoint to validate your token. Not in the Spec, but recommend for use with Google's API's settings.scopesString a space separated list of "scopes" or things you want to access Returns:
- Type
- void
Example
oauth2.add({ name: "coolThing", settings: { clientId: "12345", redirectURL: "http://localhost:3000/redirector.html", authEndpoint: "http://localhost:3000/v1/authz", scopes: "userinfo coolstuff" } }); -
addFacebook(name, settings={}) → {void}
-
Convenience function to add keycloak as a provider
Parameters:
Name Type Description nameString the name used to reference this particular authz module settings={}Object the settings to be passed to the adapter settings.clientIdString the client id/ app Id of the protected service settings.clientSecretString the client secret settings.scopesString comma separated list of "scopes" you want access to Returns:
- Type
- void
Example
oauth2.addFacebook({ name: 'facebook', settings: { clientId: '1511044619160050', clientSecret: '3b08052d3d96e2120f2c53a36eebd02f', scopes: 'photo_upload, publish_actions' } }); -
addGoogle(name, settings={}) → {void}
-
Convenience function to add google as a provider
Parameters:
Name Type Description nameString the name used to reference this particular authz module settings={}Object the settings to be passed to the adapter settings.clientIdString the client id/ app Id of the protected service settings.scopesString a space separated list of "scopes" or things you want to access Returns:
- Type
- void
Example
oauth2.addGoogle({ name: 'gplus', settings: { clientId: "617285928032-nnkcrot1827fmd738pug6clbqlgosffs.apps.googleusercontent.com", scopes: 'https://www.googleapis.com/auth/drive' } }); -
addKeycloak(name, settings={}) → {void}
-
Convenience function to add keycloak as a provider
Parameters:
Name Type Description nameString the name used to reference this particular authz module settings={}Object the settings to be passed to the adapter settings.baseString base url for all endpoints e.g. "https://keycloak:8080/auth" settings.clientIdString the client id/ app Id of the protected service settings.realmString the keycloak realm Returns:
- Type
- void
Example
oauth2.addKeycloak({ name: 'keycloak', settings: { base: 'http://192.168.1.15:8080/auth', clientId: 'shoot-third-party', realm: "shoot-realm" } }); -
requestAccess() → {Object}
-
Request Access - If the client has no accessToken this will iniciate the oauth "dance", and return the accessToken. If an accessToken was already supplied this will be retuned immediately
Returns:
The ES6 promise (accessToken as a response parameter; if an error is returned)- Type
- Object
Example
oauth2.add({ name: "coolThing", settings: { clientId: "12345", redirectURL: "http://localhost:3000/redirector.html", authEndpoint: "http://localhost:3000/v1/authz", scopes: "userinfo coolstuff" } }); // Make the call. authz.services.coolThing.requestAccess() .then( function( accessToken ){ ... }) .catch( function( error ) { // an error happened }); });