cmd-johnson / deno-oauth2-client
Minimalistic OAuth 2.0 client for Deno.
License: MIT License
When using oauth2Client.refreshToken.refresh(), how do I handle when the refresh token has expired? AFAIK an error is thrown, but I'm not sure which error. My thoughts are it'd be handled like this:
try {
  await oauth2Client.refreshToken.refresh(refreshToken);
} catch (error) {
  if (isRefreshTokenExpired(error)) {
    return null;
  }
  throw error;
}
The tests added in #1 should be run on every commit and PR.
When trying to work with Linear OAuth I found this check. Linear returns a list back, not a string and thus the parse fails.
I'm not clear on need to check for scope at this stage, but maybe consider supporting a list of strings?
Examples would help people in learning how to use the module.
For now, at least add the basic usage using Deno's built in http module and oak.
Add tests for all included classes and their methods.
The JSON entry 'name' has changed to 'login'. This breaks the examples and nothing is shown in the login page. After changing it to 'login' the GitHub user name is shown.
https://github.com/cmd-johnson/deno-oauth2-client/blame/master/README.md#L54
https://github.com/cmd-johnson/deno-oauth2-client/blame/master/examples/oak.ts#L31
https://github.com/cmd-johnson/deno-oauth2-client/blob/master/examples/http.ts#L49
Here is a working example for deno.dev hosting: https://dash.deno.com/projects/dry-pigeon-88
I had some of our tokens misconfigured and GitHub was answering 200 from https://github.com/login/oauth/access_token with the following body:
{
error: "incorrect_client_credentials",
error_description: "The client_id and/or client_secret passed are incorrect.",
error_uri: "https://docs.github.com/apps/managing-oauth-apps/troubleshooting-oauth-app-access-token-request-erro"... 32 more characters
}
Instead, I received "Invalid token response: missing access_token" and it took me a while to debug, as I had to inject the library to find the root issue. Indeed, GitHub's implementation is far from ideal, yet I believe this corner case should become more visible when it happens (e.g. showing the body without sensitive fields or checking whether there is an error field).
JSR is Deno's new JavaScript registry. Publishing here will allow dependent modules to publish to JSR, too. Some work would be required, but it wouldn't be hard. I'd be happy to lend a hand.
References:
Hello. I just wanted to post an update regarding the Deno.HttpClient. Is it possible you can use this instead of OAK?
It would be nice to have a 100% deno solution.
A module with 100% test coverage isn't worth much if nobody understands how to actually use it.
Add Doc-Comments to all public methods and classes so people can understand how the module is used outside the basic examples requested in #6.
To allow a consuming project to utilize the config type without pulling in the full dependency of the OAuth2Client.
This could be completely backwards compatible by re-exporting the type from the oauth2_client.ts
Happy to submit PR if you are open to this.
Currently, the OAuth2ClientConfig interface has a defaults property containing requestOptions, scope and stateValidator.
I think the interface would be a little easier to work with if these properties didn't lie within the defaults property and instead just lived alongside the other properties in the interface, top-level. E.g. having these flat would allow us to use Required<OAuth2ClientConfig, "scope" | "redirectUri">.
If this were done, usability or understandability would not be lost. I'd be happy to submit a PR.
Related denoland/deno_kv_oauth#193
Working with a NetDocuments OAuth server it returns the client credentials token with expires_in formatted as a string and not a number.
Would it be possible to modify grant_base.ts parseTokenResponse method to support expires_in as both number and string and convert to number if needed prior to assignment to tokens.expires_in?
Example Concept...
// Reject any expires_in that is neither a number nor a string.
if (
  !['number', 'string'].includes(typeof body.expires_in)
) {
  throw new TokenResponseError(
    "expires_in is not a string or number",
    response,
  );
}
....
if (body.expires_in) {
  // Convert a string value to a number (base 10) before assignment.
  if (typeof body.expires_in == 'string') {
    body.expires_in = parseInt(body.expires_in, 10);
  }
  tokens.expiresIn = body.expires_in;
}
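The two reports above (an HTTP 200 answer whose body carries an `error` field, and `expires_in` sent as a string) can be handled in one tolerant parser. This is an added example, not code from deno-oauth2-client; `TokenEndpointError`, `coerceExpiresIn`, `parseTokenBody` and the sample bodies are hypothetical names and constructed data.

```typescript
// Added example, not deno-oauth2-client code; every name here is hypothetical.
class TokenEndpointError extends Error {
  code: string;
  constructor(code: string, description?: string) {
    super(description ? `${code}: ${description}` : code);
    this.code = code;
  }
}

interface Tokens {
  accessToken: string;
  expiresIn: number | undefined;
}

// Accept a non-negative integer sent as a JSON number or as a digits-only
// string. parseInt alone would also accept "3600abc", so match the string first.
function coerceExpiresIn(value: unknown): number | undefined {
  if (value === undefined || value === null) return undefined;
  if (typeof value === "number" && Number.isInteger(value) && value >= 0) return value;
  if (typeof value === "string" && /^\d{1,10}$/.test(value)) {
    return Number(value);
  }
  throw new TokenEndpointError("invalid_response", "expires_in is not a non-negative integer");
}

function parseTokenBody(body: Record<string, unknown>): Tokens {
  // A server may answer HTTP 200 with an OAuth error object, so check for
  // `error` before reporting a missing access_token.
  const error = body.error;
  if (typeof error === "string") {
    const description = body.error_description;
    throw new TokenEndpointError(error, typeof description === "string" ? description : undefined);
  }
  const accessToken = body.access_token;
  if (typeof accessToken !== "string") {
    // List key names only: values in the body may be tokens or secrets.
    const keys = Object.keys(body).join(", ");
    throw new TokenEndpointError("invalid_response", `missing access_token (keys: ${keys})`);
  }
  return { accessToken, expiresIn: coerceExpiresIn(body.expires_in) };
}

// Constructed sample bodies modelled on the two reports above.
const githubStyleError = {
  error: "incorrect_client_credentials",
  error_description: "The client_id and/or client_secret passed are incorrect.",
};
const stringExpiry = { access_token: "constructed-token", expires_in: "3600" };
```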
I am unsure why I am getting the following error. This is occurring in the callback. The clientId is being set hardcoded and passes the initial signin, so unsure why. I am using Auth0.
[uncaught application error]: Error - OAuth2Strategy requires a clientID option
request: {
url: "http://localhost:8000/callback?error=server_error&error_description=OAuth2Strategy%20requires%20a%20"... 17 more characters,
method: "GET",
hasBody: false
}
response: { status: 404, type: undefined, hasBody: false, writable: true }
at Function.fromURLSearchParams (https://deno.land/x/[email protected]/src/errors.ts:55:12)
at AuthorizationCodeGrant.validateAuthorizationResponse (https://deno.land/x/[email protected]/src/authorization_code_grant.ts:181:33)
at AuthorizationCodeGrant.getToken (https://deno.land/x/[email protected]/src/authorization_code_grant.ts:139:34)
at file:///home/adoublef/github.com/adoublef-js/oak-auth0/main.ts:42:44
at dispatch (https://deno.land/x/[email protected]/middleware.ts:41:13)
at https://deno.land/x/[email protected]/router.ts:1232:20
at dispatch (https://deno.land/x/[email protected]/middleware.ts:41:13)
at composedMiddleware (https://deno.land/x/[email protected]/middleware.ts:44:12)
at dispatch (https://deno.land/x/[email protected]/router.ts:1238:22)
at dispatch (https://deno.land/x/[email protected]/middleware.ts:41:13)
Having a test coverage badge instils confidence in developers using this module. It also highlights where test coverage can be improved, possibly attractive to contributors. It'd be great if this module had one. Codecov appears to work great. For configuration examples, see:
I have an issue open on their page already, but I wanted to add here too as I am trying to figure out what may be causing the callback to fail. It seems that it's when the getToken method is called (authorization_code_grant.ts#L135).
The author states that the context.req.raw object is a Request object, so it should work, but I am having issues.
I am looking to use this alongside auth0 and I wanted to know how I would go about including the audience when crafting the url? I can see that there are additional options here
// extracted from my application
return new OAuth2Client({
  defaults: {
    requestOptions: {
      urlParams: {
        audience: Deno.env.get("AUTH0_AUDIENCE")!,
      },
    },
  },
  // ... (rest of the configuration omitted in the original post)
});
However, this doesn't seem to be used within the code.getAuthorizationUri method, and I am wondering what is the recommended way of setting this up. The audience is required to get a valid JWT back from their services (without the audience the payload is missing).
Or, more specifically, something like OAuth2Client.getUserInfo(accessToken: string): Promise<unknown>. This would require adding a userInfoUri?: string property to OAuth2ClientConfig. I'd be happy to submit a PR.
P.S. We use this module for the official Deno KV OAuth module. Thank you for this great module. If you have any ideas on improving this module (deno-oauth2-client) or ours (deno_kv_oauth), I'd be happy to help!
Is there a particular reason for this library not to return the id_token when present aside the access and refresh token?
This would require an OAuth2ClientConfig.tokenRevokeUri?: string (or similar) property.
E.g. LinkedIn OAuth doesn't send the token_type in the response.
https://learn.microsoft.com/en-us/linkedin/shared/authentication/authorization-code-flow?tabs=HTTPS1#response
Thus the getToken flow is erroring out.
https://github.com/cmd-johnson/deno-oauth2-client/blob/master/src/grant_base.ts#L99-L104
I want to add middleware to check the user. How do I do it?