ory / hydra-js

DOES NOT WORK WITH VERSIONS > 0.10.0 - A simple library to help you build node-based identity providers that work with Hydra.
19 stars 8 forks source link
hydra nodejs npm-package oauth2

hydra-js

Build Status Join the chat at https://gitter.im/ory/hydra Join mailinglist Join newsletter

Hydra is a runnable server implementation of the OAuth2 2.0 authorization framework and the OpenID Connect Core 1.0.

Deprecated with 0.10.0

This library is deprecated starting with version 0.10.0 of Hydra. Instead, a code generated (based on swagger) SDK is available in the main repository: https://ory.gitbooks.io/hydra/content/sdk/js.html

Overview

Hydra-js is a client library for javascript. It is currently available as an npm-module only. At this moment, Hydra-js primarily helps you with performing the consent validation. We welcome contributions that implement more of the Hydra HTTP REST API.

Installation

$ npm i --save hydra-js

Examples

Instantiating

var Hydra = require('hydra-js')

const config = {
 client: {
   id: process.env.HYDRA_CLIENT_ID, // id of the client you want to use, defaults to this env var
   secret: process.env.HYDRA_CLIENT_SECRET, // secret of the client you want to use, defaults to this env var
 },
 auth: {
   tokenHost: process.env.HYDRA_URL, // hydra url, defaults to this env var
   authorizePath: '/oauth2/auth', // hydra authorization endpoint, defaults to '/oauth2/auth'
   tokenPath: '/oauth2/token', // hydra token endpoint, defaults to '/oauth2/token'
 },
 scope: 'hydra.keys.get' // scope of the authorization, defaults to 'hydra.keys.get'
}

const hydra = new Hydra(config)

Getting an access token with the client_credentials flow

var Hydra = require('hydra-js')

const hydra = new Hydra(/* options */)
hydra.authenticate().then((token) => {
  // ...
}).catch((error) => {
  // ...
})

Consent flow

The following examples fetches the appropriate cryptographic keys and access tokens automatically, you basically need to do:

var Hydra = require('hydra-js')

const hydra = new Hydra(/* options */)

// verify consent challenge
hydra.verifyConsentChallenge(challenge).then(({ challenge: data }) => {
  // consent challenge is valid, render the consent screen:
  //  w.render('consent', { data })
}).catch((error) => {
  // error
})

// generate consent challenge
hydra.generateConsentResponse(challenge, subject, scopes, {}, data).then(({ consent }) => {
  // success! redirect back to hydra:
  //  w.redirect(challenge.redir + '&consent=' + consent)
}).catch((error) => {
  // error
})