Skip to content

Latest commit

 

History

History
201 lines (155 loc) · 6.39 KB

README.md

File metadata and controls

201 lines (155 loc) · 6.39 KB

NestJS OAuth2 Server

Nest Logo OAuth2 Logo

npm npm version LICENCE synk vulnerabilities

A NestJS wrapper module for the oauth2-server package.

Table of content (click to expand)

Installation

Installation is as simple as running:

npm install @boyuai/nestjs-oauth2-server

or

yarn add @boyuai/nestjs-oauth2-server.

Configuration

  1. Include the module as a dependency in the module where oauth will happen:

oauth2.module.ts

import { Module } from '@nestjs/common';
import { OAuth2ServerModule } from '@boyuai/nestjs-oauth2-server';
import { OAuth2Controller } from './oauth2.controller';
import { OAuth2ServiceModule } from './oauth2-service.module';
import { OAuth2Model } from './oauth2.model';

@Module({
  imports: [
    OAuth2ServiceModule,
    OAuth2ServerModule.forRoot({
      imports: [OAuth2ServiceModule], // import your repository for OAuth2Model here
      modelClass: OAuth2Model,
    }),
  ],
  controllers: [OAuth2Controller],
})
export class OAuth2Module {}

In addition to the above the, oauth2-server requires a model to create the server. This can be provided as a service from any part of the application. This should be able to fetch data about clients, users, token, and authorization codes. This MUST be a service decorated with the Injectable decorator.

oauth2.model.ts

import { Injectable } from '@nestjs/common';

@Injectable()
export class OAuth2Model implements RequestAuthenticationModel {
    getAccessToken() {}

    verifyScope() {}
    // ...
    // check more codes in test/src/test-model.service.ts
}

Usage

The module also provides some nifty decorators to help with configuring the oauth2 handler endpoints. An example controller covering the entire array of decorators is given below

oauth2.controller.ts

import { Controller } from '@nestjs/common';
import {
  OAuth2Authorization,
  OAuth2Authorize,
  OAuth2RenewToken,
  OAuth2Token,
} from '@boyuai/nestjs-oauth2-server';

@Controller()
export class OAuth2Controller {
    @Post()
    @OAuth2Authenticate()
    authenticateClient(@OAuth2Token() token: Token) {
        return token;
    }

    @Post()
    @OAuth2Authorize()
    authorizeClient(
        @OAuth2Authorization()
        authorization: AuthorizationCode,
    ) {
        return authorization;
    }

    @Post()
    @OAuth2RenewToken()
    renewToken(@OAuth2Token() token: Token) {
        return token;
    }
}

Async Configuration

The module could also be included asynchronously using the forRootAsync method.

Examples below:

  • Using factory provider approach
import { Module } from '@nestjs/common';
import {
    OAuth2ServerModule,
    IOAuth2ServerModuleOptions,
} from '@boyuai/nestjs-oauth2-server';

@Module({
    imports: [
        // ... other modules
        OAuth2ServerModule.forRootAsync({
            useFactory: (factory: IOAuth2ServerOptionsFactory) => ({}),
            modelClass: YourModelService,
        }),
    ],
})
export class YourModule {}
  • Using class or existing provider approach:

oauth2-server-config.service.ts

import {
    IOAuth2ServerModuleOptions,
    IOAuth2ServerOptionsFactory,
} from '@boyuai/nestjs-oauth2-server';
import { Injectable } from '@nestjs/common';

@Injectable()
export class OAuth2ServerConfigService
    implements IOAuth2ServerOptionsFactory {
    createOAuth2ServerOptions(): IOAuth2ServerModuleOptions {
        return {};
    }
}

The OAuth2ServerConfigService SHOULD implement the IOAuth2ServerOptionsFactory, MUST declare the createOAuth2ServerOptions method and MUST return IOAuth2ServerModuleOptions object.

import { Module } from '@nestjs/common';
import { OAuth2ServerModule } from '@boyuai/nestjs-oauth2-server';
import { OAuth2ServerConfigService } from './oauth2-server-config.service.ts';

@Module({
    imports: [
        // ... other modules
        OAuth2ServerModule.forRootAsync({
            useClass: OAuth2ServerConfigService,
            modelClass: YourModelService,
        }),
    ],
})
export class YourModule {}

Learnings

The concept of OAuth2 can be further understood in this article here. Also you can head over to the oauth2-server package documentation.

Contributing

Suggestions for improvement are welcomed, however, please adhere to the contributing guidelines.