- No assumptions about tokens storage type.
- You can store arbitrary data assosiated with issued token.
- Secret for authenticity verification. This may be a secret based on IP address and port.
npm install oauth2-token-manager
tokenManager
.generateExchangeCode('123|10.10.10.10|8888', 'www.abcd.com')
.then(function(obj){
assert.ok(obj.accessToken);
assert.ok(obj.refreshToken);
});
tokenManager
.exchange(exchangeCode, redirectUri)
.then(function(obj){
assert.ok(obj.accessToken);
assert.ok(obj.refreshToken);
});
tokenManager
.verify(accessToken)
.spread(function(result, userData){
assert.ok(result);
// using userData
...
});
tokenManager
.generateAccessToken('123|10.10.10.10|8888')
.then(function(obj){
assert.ok(obj.accessToken);
assert.ok(obj.refreshToken);
});
tokenManager
.refresh(obj.refreshToken)
.then(function(obj){
assert.ok(obj.accessToken);
assert.ok(obj.refreshToken);
});
- generateAccessToken
- generateExchangeCode
- verify
- exchange
- refresh
- serialize
- deserialize
- type: TokenObject
- type: StorageObject
- callback: serializeCallback
- callback: deserializeCallback
Generate a token and store it associated with a key.
Params
- key
string
- Uniq key associated with a token in storage. This may be "[userId]|[IP]|[TCP port]" string. A key will be hashed before serialization. - [userData]
object
- Data to serialize with a generated access token. - [secret]
string
- Data for source authenticity verification.
Returns: promise
- A promise to return. TokenObject
Generate an exchange code and store it associated with a key.
Params
- key
string
- Uniq key associated with a token in storage. This may be "[userId]|[IP]|[TCP port]" string. A key will be hashed before serialization. - redirectUri
string
- Redirect URI - [userData]
object
- Data to serialize with a generated exchange code. - [secret]
string
- Data for source authenticity verification.
Returns: promise
- A promise to return an exchange code.
Verify a token validity.
Params
- token
string
- A accessToken to validate. - [secret]
string
- Data for source authenticity verification. This may be used to prevent of accessToken using from other IP. An accessToken had to be generated with the same secret.
Returns: promise
- A promise to return true for a valid token, false for a not and an optional user data if deserialize callback supports it. Be sure to use the spread
method like this spread(function(result, userData){})
.
Exchange a code for a token.
Params
- code
string
- A code to exchange for a token. - redirectUri
string
- This is the redirectUri that was passed to generateCode earlier. - [secret]
string
- Data for source authenticity verification. This has to be the same data that was passed to generateCode earlier.
Returns: promise
- A promise to return TokenObject or null.
Refresh an accessToken.
Params
- refreshToken
string
- A refreshToken to exchange for a new accessToken. - [secret]
string
- Data for source authenticity verification. This had to be the same data that was passed to generateAccessToken earlier.
Returns: promise
- A promise to return TokenObject.
Set a function to serialize a token in storage.
Params
- cb
serializeCallback
- Serialization callback.
Set a function to deserialize a token from storage.
Params
- cb
deserializeCallback
- Derialization callback.
Properties
- accessToken
string
- refreshToken
string
Type: Object
Properties
- code1
string
-code1
serializeCallback parameter - code2
string
-code2
serializeCallback parameter - createdAt
string
-createdAt
serializeCallback parameter - expiresIn
string
-expiresIn
serializeCallback parameter
Type: Object
Serialize an access token or an exchange code object in a storage.
Params
- key
string
- Primary key for an object. - code1
string
- An access token or null. - code2
string
- A refresh token or an exchange code. - createdAt
string
- Time in seconds since epoch. - expiresIn
string
- Expiration time in seconds. - [userData]
object
- Additional user data.
Type: function
Returns: promise
- A promise to store the object that contains code1, code2, createdAt and expiresIn parameters. The deffered must be resolved with true
value on success.
Deserialize an access token or an exchange code object from a storage.
Params
- key
string
-key
serializeCallback parameter.
Type: function
Returns: promise
- A promise to return StorageObject.