Name: passport-oauth2-jwt-bearer
Owner: xTuple
Description: JSON Web Token (JWT) Bearer Token Profiles for OAuth 2.0 client authentication strategy for Passport
Created: 2013-03-21 20:53:59.0
Updated: 2017-12-26 09:44:29.0
Pushed: 2017-11-07 13:44:31.0
Homepage: null
Size: 15
Language: JavaScript
GitHub Committers
User | Most Recent Commit | # Commits |
---|---|---|
Jared Hanson | 2013-09-13 03:16:30.0 | 3 |
bendiy | 2017-10-13 15:23:58.0 | 9 |
Gil Moskowitz | 2017-11-07 13:44:30.0 | 1 |
Steve Hackbarth | 2013-05-22 17:44:11.0 | 4 |
Danny Feliz | 2017-10-23 15:57:42.0 | 1 |
Other Committers
User | Most Recent Commit | # Commits | |
---|---|---|---|
John Rogelstad | john@xtuple.com | 2013-03-21 22:36:04.0 | 1 |
JSON Web Token (JWT) Bearer Token Profiles for OAuth 2.0 client authentication strategy for Passport.
This module lets you authenticate requests containing client credentials in a JWT sent in the request body's assertion field, as defined by the JSON Web Token (JWT) Bearer Token Profiles for OAuth 2.0 draft. These credentials are typically used to protect the token endpoint and used as an alternative to HTTP Basic authentication. This module is modeled off of Google's OAuth 2.0 Server to Server Applications. This module can be used with the oauth2orize-jwt-bearer module to create a JWT OAuth 2.0 exchange scenario server.
m install passport-oauth2-jwt-bearer
The JSON Web Token (JWT) Bearer Token Profiles for OAuth 2.0 client authentication strategy authenticates clients
using a JWT. The strategy requires a verify
callback,
which accepts those credentials and calls done
providing a client.
ClientJWTBearerStrategy = require('passport-oauth2-jwt-bearer').Strategy;
port.use(new ClientJWTBearerStrategy(
function(claimSetIss, done) {
Clients.findOne({ clientId: claimSetIss }, function (err, client) {
if (err) { return done(err); }
if (!client) { return done(null, false); }
return done(null, client);
});
}
Use passport.authenticate()
, specifying the 'oauth2-jwt-bearer'
strategy, to authenticate requests.
For example, as route middleware in an Express application, using OAuth2orize middleware to implement the token endpoint:
get('/profile',
passport.authenticate(['oauth2-jwt-bearer'], { session: false }),
oauth2orize.token());
m install --dev
ke test
Copyright (c) 2012-2013 xTuple <[http: //www.xtuple.com/](http://www.xtuple.com/)>