Make sure the open source you're using is safe to use
passport-oauth2
v1.5.0OAuth 2.0 authentication strategy for Passport.
npm install passport-oauth2
Explore Similar Packages
Package Health Score
58 / 100
- Popularity Popular
- Maintenance Inactive
- Security No known security issues
- Community Sustainable
Make sure the open source you're using is safe to usePopularity
Popular
Weekly Downloads (225,277)- Dependents
- 608
- GitHub Stars
- 480
- Forks
- 259
- Contributors
- 20
The npm package passport-oauth2 receives a total of 225,277 downloads a week. As such, we scored passport-oauth2 popularity level to be Popular.
Based on project statistics from the GitHub repository for the npm package passport-oauth2, we found that it has been starred 480 times, and that 608 other projects in the ecosystem are dependent on it.
Downloads are calculated as moving averages for a period of the last 12 months, excluding weekends and known missing data points.
Security
No known security issues
Security and license risk for significant versions
All VersionsDirect Vulnerabilities
1.1.2
1.2.0
1.3.0
1.4.0
1.5.0
- 0H
- 0M
- 0L
- 0H
- 0M
- 0L
- 0H
- 0M
- 0L
- 0H
- 0M
- 0L
- 0H
- 0M
- 0L
Indirect Vulnerabilities
1.1.2
1.2.0
1.3.0
1.4.0
1.5.0
- 0H
- 0M
- 0L
- 0H
- 0M
- 0L
- 0H
- 0M
- 0L
- 0H
- 0M
- 0L
- 0H
- 0M
- 0L
License Risks
1.1.2
1.2.0
1.3.0
1.4.0
1.5.0
- 0H
- 0M
- 0L
- 0H
- 0M
- 0L
- 0H
- 0M
- 0L
- 0H
- 0M
- 0L
- 0H
- 0M
- 0L
All security vulnerabilities belong to
production dependencies of direct and indirect
packages.
We found a way for you to contribute to the project! Looks like passport-oauth2 is missing a security policy.
You can connect your project's repository to Snyk to stay up to date on security alerts and receive automatic fix pull requests.
We found a way for you to contribute to the project! Looks like passport-oauth2 is missing a security policy.
# Install the Snyk CLI and test your project
npm i snyk && snyk test passport-oauth2
Maintenance
Inactive
Commit Frequency- Open Issues
- 50
- Merged PR
- 14
- Open PR
- 21
- Last Commit
- 8 months ago
Further analysis of the maintenance status of passport-oauth2 based on released npm versions cadence, the repository activity, and other data points determined that its maintenance is Inactive.
An important project maintenance signal to consider for passport-oauth2 is that it hasn't seen any new versions released to npm in the past 12 months, and could be considered as a discontinued project, or that which receives low attention from its maintainers.
As a healthy sign for on-going project maintenance, we found that the GitHub repository had at least 1 pull request or issue interacted with by the community.
Community
Sustainable
- Readme.md
- Yes
- Contributing.md
- No
- Code of Conduct
- No
- Contributors
- 20
- Funding
- Yes
With more than 10 contributors for the passport-oauth2 repository, this is possibly a sign for a growing and inviting community.
We found a way for you to contribute to the project! Looks like passport-oauth2 is missing a Code of Conduct.
Embed Package Health Score Badge
Package
- Node.js Compatibility
- >= 0.4.0
- Age
- 7 years
- Dependencies
- 5 Direct
- Versions
- 9
- Install Size
- 31.1 kB
- Dist-tags
- 1
- # of Files
- 13
- Maintainers
- 1
- TS Typings
- Yes
passport-oauth2 has more than a single and default latest tag published for the npm package. This means, there may be other tags available for this package, such as next to indicate future releases, or stable to indicate stable releases.
passport-oauth2
General-purpose OAuth 2.0 authentication strategy for Passport.
This module lets you authenticate using OAuth 2.0 in your Node.js applications. By plugging into Passport, OAuth 2.0 authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.
Note that this strategy provides generic OAuth 2.0 support. In many cases, a provider-specific strategy can be used instead, which cuts down on unnecessary configuration, and accommodates any provider-specific quirks. See the list for supported providers.
Developers who need to implement authentication against an OAuth 2.0 provider that is not already supported are encouraged to sub-class this strategy. If you choose to open source the new provider-specific strategy, please add it to the list so other people can find it.
Install
$ npm install passport-oauth2
Usage
Configure Strategy
The OAuth 2.0 authentication strategy authenticates users using a third-party
account and OAuth 2.0 tokens. The provider's OAuth 2.0 endpoints, as well as
the client identifer and secret, are specified as options. The strategy
requires a verify callback, which receives an access token and profile,
and calls cb providing a user.
passport.use(new OAuth2Strategy({
authorizationURL: 'https://www.example.com/oauth2/authorize',
tokenURL: 'https://www.example.com/oauth2/token',
clientID: EXAMPLE_CLIENT_ID,
clientSecret: EXAMPLE_CLIENT_SECRET,
callbackURL: "https://localhost:3000/auth/example/callback"
},
function(accessToken, refreshToken, profile, cb) {
User.findOrCreate({ exampleId: profile.id }, function (err, user) {
return cb(err, user);
});
}
));
Authenticate Requests
Use passport.authenticate(), specifying the 'oauth2' strategy, to
authenticate requests.
For example, as route middleware in an Express application:
app.get('/auth/example',
passport.authenticate('oauth2'));
app.get('/auth/example/callback',
passport.authenticate('oauth2', { failureRedirect: '/login' }),
function(req, res) {
// Successful authentication, redirect home.
res.redirect('/');
});
Related Modules
- passport-oauth1 — OAuth 1.0 authentication strategy
- passport-http-bearer — Bearer token authentication strategy for APIs
- OAuth2orize — OAuth 2.0 authorization server toolkit
Contributing
Tests
The test suite is located in the test/ directory. All new features are
expected to have corresponding test cases. Ensure that the complete test suite
passes by executing:
$ make test
Coverage
All new feature development is expected to have test coverage. Patches that increse test coverage are happily accepted. Coverage reports can be viewed by executing:
$ make test-cov
$ make view-cov
Support
Funding
This software is provided to you as open source, free of charge. The time and effort to develop and maintain this project is dedicated by @jaredhanson. If you (or your employer) benefit from this project, please consider a financial contribution. Your contribution helps continue the efforts that produce this and other open source software.
Funds are accepted via PayPal, Venmo, and other methods. Any amount is appreciated.
License
Copyright (c) 2011-2016 Jared Hanson <https://jaredhanson.net/>
passport-oauth2 versions
| Version | Published | Tag | Node.js Compatability | Licenses | Dependencies | Direct Vulnerabilities | Publisher |
|---|---|---|---|---|---|---|---|
| 1.5.0 | 15 March 2019 | latest | >= 0.4.0 | MIT | 5 |
| jaredhanson |
| 1.4.0 | 20 December 2016 | >= 0.4.0 | MIT | 4 |
| jaredhanson | |
| 1.3.0 | 30 March 2016 | >= 0.4.0 | MIT | 3 |
| jaredhanson | |
| All Versions | |||||||
passport-oauth2 dependencies
Last updated on
26 January-2021, at 01:22 (UTC).