Create and share OAuth state (authorization code, authorization code with PKCE and implicit grants) between workers.
Issues are welcome, even for grammar and vocabulary mistakes.
You have many workers running on the same port, all integrating OAuth v2 based authentication.
Let's take the authorization code flow as an example. A request to get a code is sent to the OAuth server with a state that we generate (it should be unique for each request). When the OAuth server sends back a response with the code, the probability that the same worker which sent the request also handles the response (redirection) is almost zero.
We need a way to share states between workers so that whichever worker catches the redirection, it will be able to validate the state and get the token.
Run the following command to install the package:
npm install oauth-state-adapter
This function is mandatory to set up OAuth state management on the primary process. It doesn't take any parameters.
Function import
import { setupOauthStateMaster } from "oauth-state-adapter";
Function prototype
function setupOauthStateMaster(): void
This function is mandatory to set up OAuth state management on the worker. It doesn't take any parameters.
Function import
import { setupOauthStateInstance } from "oauth-state-adapter";
Function prototype
function setupOauthStateInstance(): void
This function can be called anywhere in a worker to share a state between all workers.
Function import
import { addState } from "oauth-state-adapter";
Function prototype
function addState(state: string): void
This function can be called anywhere in a worker to remove a state in all workers.
Function import
import { removeState } from "oauth-state-adapter";
Function prototype
function removeState(state: string): void
This function can be used anywhere in the app, both in the primary process and in workers. It returns the list of states.
Function import
import { getStates } from "oauth-state-adapter";
Function prototype
function getStates(): string[]
This example illustrates how states are shared among workers.
import cluster, { Worker } from "cluster";
import { cpus } from "os";
import {
  addState,
  getStates,
  removeState,
  setupOauthStateInstance,
  setupOauthStateMaster,
} from "oauth-state-adapter";

const totalCPUs = cpus().length;

if (cluster.isPrimary) {
  console.log(`Number of CPUs is ${totalCPUs}`);
  console.log(`Master ${process.pid} is running`);

  /**
   * Set up OAuth state on the primary process
   */
  setupOauthStateMaster();

  // Fork workers.
  for (let i = 0; i < totalCPUs; i++) {
    cluster.fork();
  }

  cluster.on("exit", (worker: Worker, code: any, signal: any) => {
    console.log(`worker ${worker.process.pid} died`);
    console.log("Let's fork another worker!");
    cluster.fork();
  });
} else {
  /**
   * Set up OAuth state on the worker
   */
  setupOauthStateInstance();

  const state = `worker:${process.pid}`;

  /**
   * Add a state that will be shared with all workers
   */
  addState(state);

  /**
   * Remove the local state automatically after a random delay (0 - 50 seconds)
   */
  setTimeout(() => {
    console.log(`states before deletion ${process.pid}`, getStates());

    /**
     * Remove state in all workers
     */
    removeState(state);
  }, Math.round(Math.random() * 50 * 1000));
}
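The following is an added example, not code from the package: it shows how a worker could issue an unguessable state and how whichever worker receives the redirect could validate it exactly once, which is the use case described at the top of this page. The helper names `issueState`, `consumeState`, `pruneExpired`, `expiryOf` and the `STATE_TTL_MS` value are hypothetical, and the three package functions are replaced by an in-memory stand-in so the block runs without a cluster.

```typescript
import { randomBytes } from "crypto";

// Stand-in for the package's shared list so this block runs on its own.
// In a clustered app, import addState/removeState/getStates from
// "oauth-state-adapter" instead of defining them here.
const shared = new Set<string>();
const addState = (state: string): void => { shared.add(state); };
const removeState = (state: string): void => { shared.delete(state); };
const getStates = (): string[] => Array.from(shared);

// Assumed lifetime of a pending login (hypothetical value).
const STATE_TTL_MS = 10 * 60 * 1000;

// Expiry timestamp carried after the "." in each state value.
const expiryOf = (state: string): number => Number(state.split(".")[1]);

// Worker that starts the flow: returns the value to send as `state`.
function issueState(now: number = Date.now()): string {
  // 32 random bytes make the value unguessable, not just unique.
  const state = `${randomBytes(32).toString("hex")}.${now + STATE_TTL_MS}`;
  addState(state);
  return state;
}

// Worker that receives the redirect: accept a state once, and only if fresh.
function consumeState(received: unknown, now: number = Date.now()): boolean {
  if (typeof received !== "string" || !getStates().includes(received)) {
    return false; // never issued, already used, or not a string at all
  }
  removeState(received); // single use: a replayed redirect is rejected
  return now <= expiryOf(received);
}

// Abandoned logins never reach consumeState, so sweep them periodically.
function pruneExpired(now: number = Date.now()): number {
  const stale = getStates().filter((state) => expiryOf(state) < now);
  stale.forEach((state) => removeState(state));
  return stale.length;
}
```

Call `consumeState` with the `state` query parameter before exchanging the code for a token, and run `pruneExpired` on a timer so abandoned logins do not accumulate in every worker.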