/resource_server.ts | oauth2_server@0.12.0

Module

x/oauth2_server/resource_server.ts

A standards compliant implementation of an OAuth 2.0 authorization server with PKCE support.

udibo/oauth2_server

Latest

adapters examples grants models services

asserts.ts

assertAuthorizationCode

assertClientUserScopeCall

assertScope

assertToken

authorization_server.ts

AbstractAccessTokenService

AbstractAuthorizationCodeService

AbstractClientService

AbstractGrant

AbstractRefreshTokenService

AbstractUserService

AccessDeniedError

AuthorizationCodeGrant

AuthorizationServer

ClientCredentialsGrant

TemporarilyUnavailableError

UnauthorizedClientError

UnsupportedGrantTypeError

UnsupportedResponseTypeError

UnsupportedTokenTypeError

AccessToken

AuthorizationCode

AuthorizationCodeGrantInterface

AuthorizationCodeGrantOptions

AuthorizationCodeGrantServices

AuthorizationCodeServiceInterface

AuthorizationServerGrants

AuthorizationServerOptions

ClientCredentialsGrantInterface

ClientCredentialsGrantOptions

ClientCredentialsGrantServices

ClientInterface

ClientServiceInterface

ErrorBody

GenerateAuthorizationCodeOptions

OAuth2AuthenticatedRequest

OAuth2AuthorizedRequest

OAuth2AuthorizeRequest

OAuth2ErrorOptions

OAuth2Request

OAuth2Response

PKCEClientCredentials

RefreshToken

RefreshTokenGrantInterface

RefreshTokenGrantOptions

ResourceServerOptions

ResourceServerServices

TokenServiceInterface

OAuth2AuthenticatedRequest

OAuth2AuthorizedRequest

OAuth2AuthorizeRequest

TemporarilyUnavailableError

UnauthorizedClientError

UnsupportedGrantTypeError

UnsupportedResponseTypeError

UnsupportedTokenTypeError

AbstractAccessTokenService

AbstractClientService

AbstractRefreshTokenService

TemporarilyUnavailableError

UnauthorizedClientError

UnsupportedGrantTypeError

UnsupportedResponseTypeError

UnsupportedTokenTypeError

ClientServiceInterface

ErrorBody

LoginRedirectOptions

OAuth2AuthenticatedRequest

OAuth2AuthorizedRequest

OAuth2AuthorizeRequest

ResourceServerOptions

ResourceServerServices

TokenServiceInterface

Spy

spy

import * as oauth2Server from "https://deno.land/x/oauth2_server@0.12.0/resource_server.ts";

Classes

c AbstractAccessTokenService abstract
c AbstractClientService abstract
c AbstractRefreshTokenService abstract
c AbstractUserService abstract
c AccessDeniedError	The resource owner or authorization server denied the request.
c InvalidClientError	Client authentication failed.
c InvalidGrantError	The provided authorization grant or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.
c InvalidRequestError	The request is missing a required parameter, includes an unsupported parameter value, repeats a parameter, includes multiple credentials, utilizes more than one mechanism for authenticating the client, or is otherwise malformed.
c InvalidScopeError	The requested scope is invalid, unknown, or malformed.
c OAuth2Error
c ResourceServer
c Scope	A basic implementation of scope.
c ServerError	The authorization server encountered an unexpected condition that prevented it from fulfilling the request.
c TemporarilyUnavailableError	The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server.
c UnauthorizedClientError	The authenticated client is not authorized to use this authorization grant type.
c UnsupportedGrantTypeError	The authorization grant type is not supported by the authorization server.
c UnsupportedResponseTypeError	The authorization server does not support obtaining an authorization code using this method.
c UnsupportedTokenTypeError	The token type is not supported by the authorization server.

Variables

v BEARER_TOKEN
v challengeMethods	The default allowed PKCE code challenge methods. Clients SHOULD use PKCE code challenge methods that do not expose the PKCE verifier in the authorization request. Currently, "S256" is the only such method. https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics#section-2.1.1
v DefaultScope
v NQCHAR
v NQSCHAR
v SCOPE
v SCOPE_TOKEN
v UNICODECHARNOCRLF
v VSCHAR

Functions

f authorizeParameters	Gets the authorize parameters from the request.
f authorizeUrl	Generates url for an authorization get request.
f camelCase
f generateCodeVerifier	Generates a random code verifier with a minimum of 256 bits of entropy. This is done by generating a random 32-octet sequence then base64url encoding it to produce a 43 octet URL safe string. https://datatracker.ietf.org/doc/html/rfc7636#section-7.1
f generateSalt	Generates random salt. The length is the number of bytes.
f hashPassword	Hashes a password with salt using the PBKDF2 algorithm with 100k SHA-256 iterations.
f loginRedirectFactory	Used for redirecting to login page for the authorization code flow.
f snakeCase

Interfaces

I AccessToken
I AuthorizeParameters
I ChallengeMethods	The allowed PKCE code challenge methods.
I Client
I ClientInterface
I ClientServiceInterface
I ErrorBody
I LoginRedirectOptions
I OAuth2AuthenticatedRequest
I OAuth2AuthorizedRequest
I OAuth2AuthorizeRequest
I OAuth2ErrorOptions
I OAuth2Request
I OAuth2Response
I RefreshToken
I ResourceServerOptions
I ResourceServerServices
I ScopeConstructor	Constructor for scope.
I ScopeInterface
I Token
I TokenBody
I TokenServiceInterface
I User
I UserServiceInterface

Type Aliases

ChallengeMethod

A challenge method used for PKCE. Transforms a verifier into a challenge.