passport-oauth1
Passport 的通用 OAuth 1.0 身份验证策略。
此模块允许您在 Node.js 应用程序中使用 OAuth 进行身份验证。
通过插入 Passport,OAuth 身份验证可以轻松且不引人注意地进行
集成到支持的任何应用程序或框架中
Connect 风格的中间件,包括
快递。
请注意,此策略提供通用 OAuth 支持。 在许多情况下,一个
可以改用特定于提供者的策略,这减少了不必要的
配置,并适应任何特定于提供者的怪癖。 见
list 支持
提供商。
需要针对 OAuth 提供程序实施身份验证的开发人员
尚不支持,鼓励将此策略子类化。 如果你
选择开源新的provider-specific strategy,请添加到
列出以便其他人可以找到它。
广告
学习 OAuth 2.0 - 作为 API 安全专家开始
试想一下,如果您具备 OAuth 方面的技能,您的职业生涯会发生什么 > 8500名满意的学生
…
Install
$ npm install passport-oauth1
Usage
OAuth 身份验证策略使用第三方对用户进行身份验证
帐户和 OAuth 令牌。 提供商的 OAuth 端点,以及
消费者密钥和秘密,被指定为选项。 该策略需要一个
verify 回调,接收令牌和配置文件,并调用 cb
提供用户。
passport.use(new OAuth1Strategy({
requestTokenURL: 'https://www.example.com/oauth/request_token',
accessTokenURL: 'https://www.example.com/oauth/access_token',
userAuthorizationURL: 'https://www.example.com/oauth/authorize',
consumerKey: EXAMPLE_CONSUMER_KEY,
consumerSecret: EXAMPLE_CONSUMER_SECRET,
callbackURL: "http://127.0.0.1:3000/auth/example/callback",
signatureMethod: "RSA-SHA1"
},
function(token, tokenSecret, profile, cb) {
User.findOrCreate({ exampleId: profile.id }, function (err, user) {
return cb(err, user);
});
}
));
Authenticate Requests
使用 passport.authenticate(),指定 'oauth' 策略,以
验证请求。
例如,作为 Express 中的路由中间件
应用程序:
app.get('/auth/example',
passport.authenticate('oauth'));
app.get('/auth/example/callback',
passport.authenticate('oauth', { failureRedirect: '/login' }),
function(req, res) {
// Successful authentication, redirect home.
res.redirect('/');
});
Contributing
Tests
测试套件位于test/ 目录中。 所有的新功能都是
希望有相应的测试用例。 确保完整的测试套件
通过执行传递:
$ make test
Coverage
所有新功能开发都应具有测试覆盖率。 补丁那个
增加测试覆盖率很高兴地被接受。 覆盖率报告可以查看
执行:
$ make test-cov
$ make view-cov
License
The MIT License
版权所有 (c) 2011-2016 Jared Hanson <http://jaredhanson.net/>
passport-oauth1
General-purpose OAuth 1.0 authentication strategy for Passport.
This module lets you authenticate using OAuth in your Node.js applications.
By plugging into Passport, OAuth authentication can be easily and unobtrusively
integrated into any application or framework that supports
Connect-style middleware, including
Express.
Note that this strategy provides generic OAuth support. In many cases, a
provider-specific strategy can be used instead, which cuts down on unnecessary
configuration, and accommodates any provider-specific quirks. See the
list for supported
providers.
Developers who need to implement authentication against an OAuth provider that
is not already supported are encouraged to sub-class this strategy. If you
choose to open source the new provider-specific strategy, please add it to the
list so other people can find it.
Advertisement
Learn OAuth 2.0 - Get started as an API Security Expert
Just imagine what could happen to YOUR professional career if you had skills in OAuth > 8500 satisfied students
…
Install
$ npm install passport-oauth1
Usage
The OAuth authentication strategy authenticates users using a third-party
account and OAuth tokens. The provider's OAuth endpoints, as well as the
consumer key and secret, are specified as options. The strategy requires a
verify callback, which receives a token and profile, and calls cb
providing a user.
passport.use(new OAuth1Strategy({
requestTokenURL: 'https://www.example.com/oauth/request_token',
accessTokenURL: 'https://www.example.com/oauth/access_token',
userAuthorizationURL: 'https://www.example.com/oauth/authorize',
consumerKey: EXAMPLE_CONSUMER_KEY,
consumerSecret: EXAMPLE_CONSUMER_SECRET,
callbackURL: "http://127.0.0.1:3000/auth/example/callback",
signatureMethod: "RSA-SHA1"
},
function(token, tokenSecret, profile, cb) {
User.findOrCreate({ exampleId: profile.id }, function (err, user) {
return cb(err, user);
});
}
));
Authenticate Requests
Use passport.authenticate(), specifying the 'oauth' strategy, to
authenticate requests.
For example, as route middleware in an Express
application:
app.get('/auth/example',
passport.authenticate('oauth'));
app.get('/auth/example/callback',
passport.authenticate('oauth', { failureRedirect: '/login' }),
function(req, res) {
// Successful authentication, redirect home.
res.redirect('/');
});
Contributing
Tests
The test suite is located in the test/ directory. All new features are
expected to have corresponding test cases. Ensure that the complete test suite
passes by executing:
$ make test
Coverage
All new feature development is expected to have test coverage. Patches that
increse test coverage are happily accepted. Coverage reports can be viewed by
executing:
$ make test-cov
$ make view-cov
License
The MIT License
Copyright (c) 2011-2016 Jared Hanson <http://jaredhanson.net/>
