Module : oauth2
Module Overview
This module provides an inbound and outbound OAuth2 authentication provider, which can be used to authenticate the provided credentials against an introspection endpoint and authenticate with an external endpoint.
Inbound OAuth2 Provider
The oauth2:InboundOAuth2Provider
is an implementation of the auth:InboundAuthProvider
interface. This calls an
introspection endpoint, validate the token, and performs authentication and authorization.
oauth2:IntrospectionServerConfig introspectionServerConfig = {
url: "https://localhost:9196/oauth2/token/introspect"
};
oauth2:InboundOAuth2Provider oauth2Provider = new(introspectionServerConfig);
Outbound OAuth2 Provider
The oauth2:OutboundOAuth2Provider
is an implementation of the auth:OutboundAuthProvider
interface. This is used to
call an external endpoint with authentication.
Client Credentials Grant Type
oauth2:OutboundOAuth2Provider oauth2Provider1 = new({
tokenUrl: "https://localhost:9196/oauth2/token",
clientId: "3MVG9YDQS5WtC11paU2WcQjBB3L",
clientSecret: "9205371918321623741",
scopes: ["token-scope1", "token-scope2"]
});
Password Grant Type
oauth2:OutboundOAuth2Provider oauth2Provider5 = new({
tokenUrl: "https://localhost:9196/oauth2/token/authorize/header",
username: "johndoe",
password: "A3ddj3w",
clientId: "3MVG9YDQS5WtC11paU2WcQjBB3L",
clientSecret: "9205371918321623741",
scopes: ["token-scope1", "token-scope2"]
});
Direct Token Mode
oauth2:OutboundOAuth2Provider oauth2Provider13 = new({
accessToken: "2YotnFZFEjr1zCsicMWpAA",
refreshConfig: {
refreshUrl: "https://localhost:9196/oauth2/token/refresh",
refreshToken: "XlfBs91yquexJqDaKEMzVg==",
clientId: "3MVG9YDQS5WtC11paU2WcQjBB3L",
clientSecret: "9205371918321623741",
scopes: ["token-scope1", "token-scope2"]
}
});
CachedToken | The |
ClientCredentialsGrantConfig | The |
Detail | Record type to hold the details of an error. |
DirectTokenConfig | The |
DirectTokenRefreshConfig | The |
InboundOAuth2CacheEntry | Represents cached OAuth2 information. |
IntrospectionServerConfig | Represents introspection server onfigurations. |
PasswordGrantConfig | The |
RefreshConfig | The |
InboundOAuth2Provider | Represents inbound OAuth2 provider, which calls the introspection server and validate the received credentials. |
OutboundOAuth2Provider | Represents outbound OAuth2 provider. |
getScopes | Reads the scope(s) for the user with the given username. |
OAUTH2_ERROR | Represents the OAuth2 error reason. |
Error | Represents the OAuth2 error type with details. |