AppAuth-JS | JavaScript client SDK for communicating with OAuth | OAuth library

by openid TypeScript Version: Current License: Apache-2.0

X-Ray Key Features Code Snippets Community Discussions(2)Vulnerabilities Install Support

kandi X-RAY | AppAuth-JS Summary

AppAuth-JS is a TypeScript library typically used in Security, OAuth applications. AppAuth-JS has no bugs, it has no vulnerabilities, it has a Permissive License and it has medium support. You can download it from GitHub.

AppAuth for JavaScript is a client SDK for public clients for communicating with OAuth 2.0 and OpenID Connect providers following the best practice RFC 8252 - OAuth 2.0 for Native Apps. The library is designed for use in Web Apps, Node.js CLI applications, Chrome Apps and applications that use Electron or similar frameworks. It strives to directly map the requests and responses of those specifications, while following the idiomatic style of the implementation language. The library also supports the PKCE extension to OAuth which was created to secure authorization codes in public clients when custom URI scheme redirects are used. The library is friendly to other extensions (standard or otherwise) with the ability to handle additional parameters in all protocol requests and responses.

Support

Quality

Security

License

Reuse

Support

AppAuth-JS has a medium active ecosystem.

It has 906 star(s) with 153 fork(s). There are 36 watchers for this library.

It had no major release in the last 6 months.

There are 26 open issues and 102 have been closed. On average issues are closed in 294 days. There are 8 open pull requests and 0 closed requests.

It has a neutral sentiment in the developer community.

The latest version of AppAuth-JS is current.

Quality

AppAuth-JS has 0 bugs and 0 code smells.

Security

AppAuth-JS has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.

AppAuth-JS code analysis shows 0 unresolved vulnerabilities.

There are 0 security hotspots that need review.

License

AppAuth-JS is licensed under the Apache-2.0 License. This license is Permissive.

Permissive licenses have the least restrictions, and you can use them in most projects.

Reuse

AppAuth-JS releases are not available. You will need to build from source code and install.

Installation instructions, examples and code snippets are available.

It has 104 lines of code, 0 functions and 69 files.

It has low code complexity. Code complexity directly impacts maintainability of the code.

Top functions reviewed by kandi - BETA

kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of AppAuth-JS

Get all kandi verified functions for this library.

AppAuth-JS Key Features

No Key Features are available at this moment for AppAuth-JS.

AppAuth-JS Examples and Code Snippets

No Code Snippets are available at this moment for AppAuth-JS.

Community Discussions

Trending Discussions on AppAuth-JS

How to implement the OAuth2 Authorization code grant with PKCE for a React single page application?

Apple's javascript MusicKit API authorize in electron app

QUESTION

How to implement the OAuth2 Authorization code grant with PKCE for a React single page application?

Asked 2019-Nov-19 at 05:09

In our organization, we use our own custom Oauth2 provider (which does not have “.well-known/OpenID-configuration” discovery endpoint because it id not OIDC provider). We have a React single page application (SPA) which acts as Oauth2 client, this SPA uses OAuth2 endpoints (authorize, toke & revoke) of the custom OAuth2 provider to authorize end-users.

For a React SPA, is there any library/SDK available to implement the OAuth2 Authorization code grant(with PKCE) for a custom OAuth2 provider?.

We could find React OAuth libraries for well know providers like Google, Facebook, Auth0. But we could not find any generic React OAuth library for a custom OAuth Provider. Auth0 React script: https://auth0.com/docs/libraries/auth0-spa-js Google: https://www.npmjs.com/package/react-google-login FaceBook: https://www.npmjs.com/package/react-facebook-login

Can I use a Native (app) React library for SPA ?. Can I use this native reactive library https://github.com/FormidableLabs/react-native-app-auth?. It supports both OAuth2 and OIDC providers. Our custom OAuth provider does not have a “.well-known/OpenID-configuration” discovery endpoint. So we will specify our OAuth endpoints in the configuration

...

ANSWER

Answered 2019-Nov-18 at 19:25

Generally I recommend this library - which is probably the most respected option out there: https://github.com/IdentityModel/oidc-client-js

You can set endpoints explicitly if needed if you have no discovery endpoint. However, it will depend a little on your OAuth2 provider capabilities.

See also this sample: https://github.com/skoruba/react-oidc-client-js

Post back if you get stuck - I may be able to help ..

Source https://stackoverflow.com/questions/58887734

QUESTION

Apple's javascript MusicKit API authorize in electron app

Asked 2019-Jan-02 at 18:09

I wanted to make an electron app that uses Apple's MusicKitjs API. However, the authorize function opens another window. This causes problems with electron since each window is sandboxed. The authentication does not seem to be OAuth which rules out a tool like AppAuth-JS.

Any ideas on how to implement non-OAuth API authentication in electron?

...

ANSWER

Answered 2019-Jan-02 at 18:09

The best answer I can come up with so far is to not use Electron. Use NW.js instead.

There may be a way to make MusicKit.js work with Electron, but it will likely compromise security or require substantial effort.

NW.js does not have the same problem since it is a single process framework. When authorizing the MusicKit instance, it pops up a 2nd window and allows the user to login as desired. However, NW.js does need proprietary codecs to play audio from MusicKit. I am using these prebuilts and it seems to work fine so far.

Source https://stackoverflow.com/questions/53906147

Community Discussions, Code Snippets contain sources that include Stack Exchange Network

Vulnerabilities

No vulnerabilities reported

Install AppAuth-JS

Install the latest version of Node. NVM (Node Version Manager is highly recommended). Use nvm install to install the recommended Node.js version.
Install the latest version of Node. NVM (Node Version Manager is highly recommended).
Use nvm install to install the recommended Node.js version.
Download the latest version of Visual Studio Code from here.
git clone the AppAuthJS library and go to the root folder of the project containing package.json file.
npm install to install all the dev and project dependencies.
npm run-script compile or tsc will compile all your TypeScript files. All compiled files go into the built/ folder.
npm run-script watch or tsc --watch will compile your TypeScript files in watch mode. Recommended if you want to get continuous feedback.
npm run-script build-app generates the output bundle.js file in the built/ directory. This includes the full AppAuthJS library including all its dependencies.
npm test provisions the Karma test runner to run all unit tests. All tests are written using Jasmine. To DEBUG your tests, click on the Debug button in the Karma test runner to look at the actual source of the tests. You can attach break points here.
npm run-script app builds the test app on a local web server. This is an end-to-end app which uses AppAuthJS and is a demonstration on how to use the library.
npm run-script node-app builds a Node.js CLI sample app. This is an end-to-end app which uses AppAuthJS in a Node.js context.

Support

For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .

Find more information at: