Skip to content
A NodeJS of the OAuthXYZ developing specification
TypeScript JavaScript HTML CSS Dockerfile
Branch: master
Clone or download
Latest commit c1f0563 Nov 17, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
as
client
.dockerignore
.gitignore
LICENSE
README.md
docker-compose.yml

README.md

OAuth XYZ - Reference Implementation (TypeScript)

Introduction

This repository is a TypeScript (NodeJS + Express) reference implementation for the OAuth.XYZ Authorization Protocol. It contains code for both the client, and the server, in this repo. The server is an Express app with MongoDB. The client API is also an Express app with MongoDB, and the client frontend is a React app.

The repo comes with a docker-compose configuration which can set up both the client and server, along with the client frontend, all together in minutes.

Client Capabilities

  • Able to perform full Redirect with Callback flow
  • Able to perform full Device with polling flow
  • Able to perform full Redirect with polling flow
  • Can edit transaction object being sent to the authorization server through the frontend

Authorization Server Capabilities

  • Generates and stores handles for all sections in a Transaction Request
  • Can parse and use handles, objects, or a combination of both for any Transaction

Setup

  • Clone the repo
  • Make sure you have docker and docker-compose installed
  • Run docker-compose build && docker-compose up to start the network

Known Limitations/Bugs

  • Even though there is code on the database side for it, was unable to get express-sessions working on localhost dev server. As a result, if this implementation is hosted online, everyone can view everyone's transactions. The solution to this is simple, uncomment the session code in app.ts and get it to work.

Note

The OAuth XYZ spec is still a work in progress, and this implementation may not stay up to date as changes are made to the spec.

License

Licensed under the Apache License Version 2.0

You can’t perform that action at this time.