Class OAuth2Util

Usage:

import routing from '@novice1/routing';
import {
  OpenAPI, 
  Postman,
  ContextAuthUtil,
  OAuth2Util,
  GrantType
} from '@novice1/api-doc-generator';

// OAuth2 specifications
const oauth2 = new OAuth2Util('oAuth2AuthCode');
oauth2
  .setDescription('For more information, see https://api.slack.com/docs/oauth')
  .setGrantType(GrantType.authorizationCode)
  .setAuthUrl('https://slack.com/oauth/authorize')
  .setAccessTokenUrl('https://slack.com/api/oauth.access')
  .setScopes({
    'users:read': 'Read user information',
    'users:write': 'Modify user information',
    'im:read': 'Read messages',
    'im:write': 'Write messages',
    'im:history': 'Access the message archive',
    'search:read': 'Search messages, files, and so on'
  });
 
// add it to OpenAPI security schemes
// (required for OpenAPI)
const openapi = new OpenAPI();
openapi.addSecuritySchemes(oauth2);

// add it to Postman global authentication
// (optional for Postman)
const postman = new Postman();
postman.setAuth(oauth2);

// router
const router = routing()
  .get({
    path: '/messages',
    auth: true,
    parameters: {
      // add security requirements for this route
      security: new ContextAuthUtil(
        oauth2,
        // OAuth2 scopes for this route
        ['im:read']
      )
    }
  }, function (req, res) {
    // do something ...
  });

Hierarchy (view full)

Constructors

constructor

Properties

accessTokenUrl? authUrl? challengeAlgorithm? clientAuthentication? clientId? clientSecret? codeVerifier? description? grantType? headerPrefix? host? password? redirectUri? refreshUrl? scopes securitySchemeName state? tokenLocation? tokenName? useBrowser? username?

Methods

addScope clientAuthenticationToBody clientAuthenticationToHeader getAccessTokenUrl getAuthUrl getChallengeAlgorithm getClientAuthentication getClientId getClientSecret getCodeVerifier getDescription getGrantType getHeaderPrefix getHost getPassword getRedirectUri getRefreshUrl getScopes getScopesNames getSecuritySchemeName getState getTokenLocation getTokenName getUseBrowser getUsername removeAccessTokenUrl removeAuthUrl removeChallengeAlgorithm removeClientAuthentication removeClientId removeClientSecret removeCodeVerifier removeDescription removeGrantType removeHeaderPrefix removeHost removePassword removeRedirectUri removeRefreshUrl removeScopes removeState removeTokenLocation removeTokenName removeUseBrowser removeUsername setAccessTokenUrl setAuthUrl setChallengeAlgorithm setClientAuthentication setClientId setClientSecret setCodeVerifier setDescription setGrantType setHeaderPrefix setHost setPassword setRedirectUri setRefreshUrl setScopes setState setTokenLocation setTokenName setUseBrowser setUsername toOpenAPI toOpenAPISecurity toPostman

Constructors

constructor

Properties

Protected Optional accessTokenUrl

accessTokenUrl?: string

Protected Optional authUrl

authUrl?: string

Protected Optional challengeAlgorithm

challengeAlgorithm?: string

Protected Optional clientAuthentication

clientAuthentication?: string

Protected Optional clientId

clientId?: string

Protected Optional clientSecret

clientSecret?: string

Protected Optional codeVerifier

codeVerifier?: string

Protected Optional description

description?: string

Protected Optional grantType

grantType?: string

Protected Optional headerPrefix

headerPrefix?: string

Protected Optional host

host?: string

Very optional. If set, it will be used for postman, concatenating accessTokenUrl and authUrl.

Protected Optional password

password?: string

Protected Optional redirectUri

redirectUri?: string

Protected Optional refreshUrl

refreshUrl?: string

Protected scopes

scopes: Record<string, string> = {}

Protected securitySchemeName

securitySchemeName: string

Protected Optional state

state?: string

Protected Optional tokenLocation

tokenLocation?: string

Protected Optional tokenName

tokenName?: string

Protected Optional useBrowser

useBrowser?: boolean

Protected Optional username

username?: string

Methods

addScope

clientAuthenticationToBody

clientAuthenticationToHeader

getAccessTokenUrl

getAuthUrl

getChallengeAlgorithm

getClientAuthentication

getClientId

getClientSecret

getCodeVerifier

getDescription

getGrantType

getHeaderPrefix

getHost

getPassword

getRedirectUri

getRefreshUrl

getScopes

getScopesNames

getSecuritySchemeName

getState

getTokenLocation

getTokenName

getUseBrowser

getUsername

removeAccessTokenUrl

removeAuthUrl

removeChallengeAlgorithm

removeClientAuthentication

removeClientId

removeClientSecret

removeCodeVerifier

removeDescription

removeGrantType

removeHeaderPrefix

removeHost

removePassword

removeRedirectUri

removeRefreshUrl

removeScopes

removeState

removeTokenLocation

removeTokenName

removeUseBrowser

removeUsername

setAccessTokenUrl

  • setAccessTokenUrl(accessTokenUrl): OAuth2Util

  • Parameters

    • accessTokenUrl: string

      The endpoint for authentication server. This is used to exchange the authorization code for an access token.

    Returns OAuth2Util

setAuthUrl

setChallengeAlgorithm

setClientAuthentication

setClientId

setClientSecret

setCodeVerifier

setDescription

setGrantType

setHeaderPrefix

setHost

setPassword

setRedirectUri

setRefreshUrl

setScopes

  • setScopes(scopes): OAuth2Util

  • Parameters

    • scopes: Record<string, string>

      The scopes of the access request. A map between the scope name and a short description for it. The map MAY be empty.

    Returns OAuth2Util

setState

setTokenLocation

setTokenName

setUseBrowser

setUsername

toOpenAPI

toOpenAPISecurity

toPostman

Settings

Member Visibility

Theme

On This Page

constructoraccessTokenUrlauthUrlchallengeAlgorithmclientAuthenticationclientIdclientSecretcodeVerifierdescriptiongrantTypeheaderPrefixhostpasswordredirectUrirefreshUrlscopessecuritySchemeNamestatetokenLocationtokenNameuseBrowserusernameaddScopeclientAuthenticationToBodyclientAuthenticationToHeadergetAccessTokenUrlgetAuthUrlgetChallengeAlgorithmgetClientAuthenticationgetClientIdgetClientSecretgetCodeVerifiergetDescriptiongetGrantTypegetHeaderPrefixgetHostgetPasswordgetRedirectUrigetRefreshUrlgetScopesgetScopesNamesgetSecuritySchemeNamegetStategetTokenLocationgetTokenNamegetUseBrowsergetUsernameremoveAccessTokenUrlremoveAuthUrlremoveChallengeAlgorithmremoveClientAuthenticationremoveClientIdremoveClientSecretremoveCodeVerifierremoveDescriptionremoveGrantTyperemoveHeaderPrefixremoveHostremovePasswordremoveRedirectUriremoveRefreshUrlremoveScopesremoveStateremoveTokenLocationremoveTokenNameremoveUseBrowserremoveUsernamesetAccessTokenUrlsetAuthUrlsetChallengeAlgorithmsetClientAuthenticationsetClientIdsetClientSecretsetCodeVerifiersetDescriptionsetGrantTypesetHeaderPrefixsetHostsetPasswordsetRedirectUrisetRefreshUrlsetScopessetStatesetTokenLocationsetTokenNamesetUseBrowsersetUsernametoOpenAPItoOpenAPISecuritytoPostman