@jmondi/oauth2-server

Appearance

Entity Interfaces

Client Entity

This entity represents the client that wants to access the resource server. The client will retrieve an access token from our authorization server and use it to access the resource server.

  • URI must be an absolute URI
  • The endpoint may include application/x-www-form-urlencoded formatted query component which must be retained when adding additional query params
  • the endpoint URI must not include a fragment component
typescript
interface OAuthClient {
  id: string;
  name: string;
  secret?: string;
  redirectUris: string[];
  allowedGrants: GrantIdentifier[];
  scopes: OAuthScope[];
}

Auth Code Entity

The auth code is used to retrieve an access token from the authorization server.

typescript
interface OAuthAuthCode {
  code: string;
  redirectUri?: string;
  codeChallenge?: string;
  codeChallengeMethod?: CodeChallengeMethod;
  expiresAt: Date;
  user?: OAuthUser;
  client: OAuthClient;
  scopes: OAuthScope[];
}

TIP

ts
type CodeChallengeMethod = "S256" | "plain";

Token Entity

The access and refresh token that can be used to authenticate into the resource server. The originatingAuthCodeId will be present only for tokens originating from the authorization code grant; see the revokeDescendantsOf() method on the Token Repository for its significance.

typescript
interface OAuthToken {
  accessToken: string;
  accessTokenExpiresAt: Date;
  refreshToken?: string | null;
  refreshTokenExpiresAt?: Date | null;
  client: OAuthClient;
  user?: OAuthUser | null;
  scopes: OAuthScope[];
  originatingAuthCodeId?: string;
}

User Entity

The resource owner

typescript
interface OAuthUser {
  id: string;
  [key: string]: any;
}

Scope Entity

Scopes are a way to limit an app’s access to a user’s data.

https://www.oauth.com/oauth2-servers/scope/

typescript
interface OAuthScope {
  name: string;
  [key: string]: any;
}

Released under the MIT License.

Copyright © 2023 Jason Raimondi