import * as oauth4webapi from "https://deno.land/x/oauth4webapi@v2.17.0/src/index.ts";
Variables
Use to adjust the assumed current time. Positive and negative finite values representing seconds
are allowed. Default is | |
Use to set allowed clock tolerance when checking DateTime JWT Claims. Only positive finite values
representing seconds are allowed. Default is | |
When configured on an interface that extends HttpRequestOptions, this applies to | |
Use this as a value to processAuthorizationCodeOpenIDResponse | |
Use this as a value to validateAuthResponse | |
Use to add support for decrypting JWEs the client encounters, namely | |
DANGER ZONE - This option has security implications that must be understood, assessed for applicability, and accepted before use. It is critical that the JSON Web Key Set cache only be writable by your own code. | |
Use to mutate JWT header and payload before they are signed. Its intended use is working around non-conform server behaviours, such as modifying JWT "aud" (audience) claims, or otherwise changing fixed claims used by this library. | |
Use this as a value to processAuthorizationCodeOpenIDResponse | |
DANGER ZONE - This option has security implications that must be understood, assessed for applicability, and accepted before use. | |
DANGER ZONE - This option has security implications that must be understood, assessed for applicability, and accepted before use. |
Functions
Performs an Authorization Code grant request at the
AuthorizationServer.token_endpoint | | |
Calculates the PKCE | |
Performs a Client Credentials Grant request at the
AuthorizationServer.token_endpoint | | |
Performs a Device Authorization Request at the
AuthorizationServer.device_authorization_endpoint | | |
Performs a Device Authorization Grant request at the
AuthorizationServer.token_endpoint | | |
Performs an authorization server metadata discovery using one of two
DiscoveryRequestOptions.algorithm | transformation algorithms applied to the
| |
Generates a !CryptoKeyPair for a given JWS | |
Generate random | |
Generate random | |
Generate random | |
Performs any Grant request at the AuthorizationServer.token_endpoint | | |
Returns ID Token claims validated during processAuthorizationCodeOpenIDResponse. | |
Performs an Introspection Request at the
AuthorizationServer.introspection_endpoint | | |
A helper function used to determine if a response processing function returned an OAuth2Error. | |
Generates a signed JWT-Secured Authorization Request (JAR). | |
Parses the | |
(OAuth 2.0 without OpenID Connect only) Validates Authorization Code Grant !Response
instance to be one coming from the
AuthorizationServer.token_endpoint | | |
(OpenID Connect only) Validates Authorization Code Grant !Response instance to be one
coming from the AuthorizationServer.token_endpoint | | |
Validates Client Credentials Grant !Response instance to be one coming from the
AuthorizationServer.token_endpoint | | |
Validates !Response instance to be one coming from the
AuthorizationServer.device_authorization_endpoint | | |
Validates Device Authorization Grant !Response instance to be one coming from the
AuthorizationServer.token_endpoint | | |
Validates !Response instance to be one coming from the authorization server's well-known discovery endpoint. | |
Validates !Response instance to be one coming from the
AuthorizationServer.introspection_endpoint | | |
Validates !Response instance to be one coming from the
AuthorizationServer.pushed_authorization_request_endpoint | | |
Validates Refresh Token Grant !Response instance to be one coming from the
AuthorizationServer.token_endpoint | | |
Validates !Response instance to be one coming from the
AuthorizationServer.revocation_endpoint | | |
Validates !Response instance to be one coming from the
AuthorizationServer.userinfo_endpoint | | |
Performs a protected resource request at an arbitrary URL. | |
Performs a Pushed Authorization Request at the
AuthorizationServer.pushed_authorization_request_endpoint | | |
Performs a Refresh Token Grant request at the
AuthorizationServer.token_endpoint | | |
Performs a Revocation Request at the
AuthorizationServer.revocation_endpoint | | |
Performs a UserInfo Request at the
AuthorizationServer.userinfo_endpoint | | |
Validates an OAuth 2.0 Authorization Response or Authorization Error Response message returned
from the authorization server's
AuthorizationServer.authorization_endpoint | | |
Same as validateAuthResponse but for FAPI 1.0 Advanced Detached Signature authorization responses. | |
Validates the JWS Signature of an ID Token included in results previously resolved from processAuthorizationCodeOpenIDResponse, processRefreshTokenResponse, or processDeviceCodeResponse for non-repudiation purposes. | |
Validates use of JSON Web Token (JWT) OAuth 2.0 Access Tokens for a given !Request as per RFC 6750, RFC 9068, and RFC 9449. | |
Same as validateAuthResponse but for signed JARM responses. | |
Validates the JWS Signature of an JWT !Response body of responses previously processed by processIntrospectionResponse for non-repudiation purposes. | |
Validates the JWS Signature of a JWT !Response body of response previously processed by processUserInfoResponse for non-repudiation purposes. |
Interfaces
Authorization Server Metadata | |
Recognized Client Metadata that have an effect on the exposed functionality. | |
I JWK | |
I JWKS | |
Interface to pass an asymmetric private key and, optionally, its associated JWK Key ID to be
added as a | |
Type Aliases
Supported Client Authentication Methods. | |
JSON Array | |
JSON Object | |
JSON Primitives | |
JSON Values | |
Supported JWS |