:star2: OAuth2 server plugin for egg.js based on node-oauth2-server
Chinese Example | 中文样例教程(注意:文章里使用的是该插件 v1.x 版本,部分 API 名称有变化,主要流程一致)
egg-oauth2-server is a module that easily adds oauth2 capability to egg-based servers.
$ npm i egg-oauth2-server --save
// {app_root}/config/plugin.jsexports.oAuth2Server = {enable: true,package: 'egg-oauth2-server',};// {app_root}/app/router.jsapp.all('/user/token', app.oAuth2Server.token());app.get('/user/authorize', app.oAuth2Server.authorize(), 'user.code');app.get('/user/authenticate', app.oAuth2Server.authenticate(), 'user.authenticate');// `ctx.state.oauth` has token or code data after middleware for controller.
// {app_root}/config/config.default.jsmodule.exports = config => {const exports = {};exports.oAuth2Server = {debug: config.env === 'local',grants: [ 'password' ],};return exports;};
See test/fixtures/apps/oauth2-server-test/config/config.unittest.js for reference.
// {app_root}/app/extend/oauth.js// or {app_root}/app/extend/oauth.ts'use strict';// need implement some follow functionsmodule.exports = app => {class Model {constructor(ctx) {}async getClient(clientId, clientSecret) {}async getUser(username, password) {}async saveAuthorizationCode(code, client, user) {}async getAuthorizationCode(authorizationCode) {}async revokeAuthorizationCode(code) {}async saveToken(token, client, user) {}async getAccessToken(bearerToken) {}async revokeToken(token) {}}return Model;};
For full description, check out https://www.npmjs.com/package/oauth2-server.
A simple password-mode OAuth 2.0 server. Full code at test/fixtures/apps/oauth2-server-test/app/extend/oauth.js
app.oauth.token() lifecyclegetClient —> getUser —> saveToken
app.oauth.authenticate() lifecycleOnly getAccessToken
app.oauth.authorize() lifecyclegetClient —> getUser —> saveAuthorizationCode
app.oauth.token() lifecyclegetClient —> getAuthorizationCode —> revokeAuthorizationCode —> saveToken
app.oauth.authenticate() lifecycleOnly getAccessToken
Please open an issue. PRs are welcomed too.