passport-oauth2-jwt-bearer

2019-10-14 admin

passport-oauth2-jwt-bearer是什么

什么是passport-oauth2-jwt-bearer,JSON Web Token (JWT) Bearer Token Profiles for OAuth 2.0 client authentication strategy for Passport.

passport-oauth2-jwt-bearer使用教程帮助文档

passport-oauth2-jwt-bearer

JSON Web Token (JWT) Bearer Token Profiles for OAuth 2.0 client authentication strategy for Passport.

This module lets you authenticate requests containing client credentials in a JWT sent in the request body’s assertion field, as defined by the JSON Web Token (JWT) Bearer Token Profiles for OAuth 2.0 draft. These credentials are typically used to protect the token endpoint and used as an alternative to HTTP Basic authentication. This module is modeled off of Google’s OAuth 2.0 Server to Server Applications. This module can be used with the oauth2orize-jwt-bearer module to create a JWT OAuth 2.0 exchange scenario server.

Install

$ npm install passport-oauth2-jwt-bearer

Usage

Configure Strategy

The JSON Web Token (JWT) Bearer Token Profiles for OAuth 2.0 client authentication strategy authenticates clients using a JWT. The strategy requires a verify callback, which accepts those credentials and calls done providing a client.

var ClientJWTBearerStrategy = require('passport-oauth2-jwt-bearer').Strategy;

passport.use(new ClientJWTBearerStrategy(
    function(claimSetIss, done) {
        Clients.findOne({ clientId: claimSetIss }, function (err, client) {
            if (err) { return done(err); }
            if (!client) { return done(null, false); }
            return done(null, client);
        });
    }
));

Authenticate Requests

Use passport.authenticate(), specifying the 'oauth2-jwt-bearer' strategy, to authenticate requests.

For example, as route middleware in an Express application, using OAuth2orize middleware to implement the token endpoint:

app.get('/profile',
    passport.authenticate(['oauth2-jwt-bearer'], { session: false }),
    oauth2orize.token());

Tests

$ npm install --dev
$ make test

Credits

License

The MIT License

Copyright © 2012-2013 xTuple <http://www.xtuple.com/>

本站文章除注明转载外,均为本站原创或编译。欢迎任何形式的转载,但请务必注明出处。

转载请注明:文章转载自 JavaScript中文网 [https://www.javascriptcn.com]

本文地址:https://www.javascriptcn.com/read-77364.html

文章标题:passport-oauth2-jwt-bearer

回到顶部