A set of start-from-scratch OAuth applications in JavaScript using the Express.js web application framework running on Node.js, a server-side JavaScript engine.

- OAuth Client
- Resource Server
- Authorization Server
- JWT

To run each module, `cd` into that module and start all components with:

```sh
npm install
node client.js & node authorizationServer.js & node protectedResource.js
```

To stop all components:

```sh
ps -a | grep -E -- 'client.js|authorizationServer.js|protectedResource.js'| awk '{print $1}' | xargs kill
```

We only use library code for non-OAuth-specific functionality, to avoid complicated dependencies.

Each component is set up to run on a different port on localhost, in a separate process:

- The OAuth Client application (`client.js`) runs on http://localhost:9000/
- The OAuth Authorization Server application (`authorizationServer.js`) runs on http://localhost:9001/
- The OAuth Protected Resource application (`protectedResource.js`) runs on http://localhost:9002/
- The protected resource and authorization server share a file-based NoSQL database located in the same directory. The file name is `database.nosql`. Note that editing this file by hand is dangerous while the system is running. Luckily, resetting the database is as simple as deleting the `database.nosql` file and restarting the programs. Note that this file isn't created until the authorization server stores a token in it for the first time, and its contents are reset every time the authorization server is restarted.
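
The token file's lifecycle described above (absent until the first token is stored, emptied when the authorization server restarts) can be modelled with Node built-ins alone. This is an added example, not the project's code: the one-JSON-document-per-line layout, the `access_token` and `client_id` field names, and the helper names are assumptions made for illustration.

```javascript
// Added example: models the shared token file; the real project uses a NoSQL library.
const fs = require('fs');
const os = require('os');
const path = require('path');

// Authorization server start-up: tokens issued before the restart are discarded.
function resetStore(dbFile) {
  fs.rmSync(dbFile, { force: true });
}

// Authorization server: the first insert is what creates the file.
function storeToken(dbFile, record) {
  fs.appendFileSync(dbFile, JSON.stringify(record) + '\n');
}

// Protected resource: look up a presented bearer token in the shared file.
function findToken(dbFile, presented) {
  // A missing file means no token has been issued since the last reset.
  if (!fs.existsSync(dbFile)) return null;
  for (const line of fs.readFileSync(dbFile, 'utf8').split('\n')) {
    if (!line.trim()) continue;
    let rec;
    try { rec = JSON.parse(line); } catch (e) { continue; } // skip damaged lines
    if (rec.access_token === presented) return rec;
  }
  return null;
}

function demo() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'oauth-demo-'));
  const dbFile = path.join(dir, 'database.nosql');
  const token = 'constructed-token-123'; // constructed sample value
  const out = {};
  resetStore(dbFile);
  out.beforeIssue = findToken(dbFile, token);        // file does not exist yet
  storeToken(dbFile, { access_token: token, client_id: 'demo-client' });
  out.afterIssue = findToken(dbFile, token);         // record is found
  out.wrongToken = findToken(dbFile, 'other-token'); // unknown token is rejected
  resetStore(dbFile);                                // authorization server restarted
  out.afterRestart = findToken(dbFile, token);       // old token is no longer honoured
  fs.rmSync(dir, { recursive: true, force: true });
  return out;
}

console.log(demo());
```

A client holding a token from before the restart is rejected by the protected resource afterwards, which is why the client has to obtain a fresh token whenever the authorization server is restarted.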

All of the applications have been set up to serve static files such as images and Cascading Style Sheets (CSS). These are included in the `files` directory. In addition, there are HTML templates in the `files` directory. These are used in the applications to generate HTML pages based on variable inputs. When templates are used, they are set up at the beginning of the application with the following code:

```javascript
var cons = require('consolidate'); // adapter exposing template engines to Express

app.engine('html', cons.underscore); // render .html templates with Underscore
app.set('view engine', 'html');      // default template file extension
app.set('views', 'files');           // load templates from the files directory
```

The use and distribution terms for oauth-in-action-code are covered by the Apache License, Version 2.0.