Comments (3)
As long as we can maintain previous version I think this might be a cool feature. Let me know if you need help with anything.
from restify-oauth2.
After thinking about this some, I don't think utilizing an includeTokenEndpoint
options flag is going to be the best approach. The requiredHooks
passed to makeSetup
are going to change based on whether the flag is there. (i.e. it doesn't make sense to require a grantToken
hook if the the user doesn't want the token endpoint setup.) And the code in makeSetup
would need multiple new if-checks to handle the includeTokenEndpoint
flag.
Instead, I was thinking about adding some new top-level functions to the library:
// Adds logic to authenticate tokens
restifyOAuth2.ccAuthenticator(server, options);
// Adds logic (and endpoint) to grant tokens
restifyOAuth2.ccGrantor(server, options);
// Adds both, just like current version, but uses above two functions to make it happen
restifyOAuth2.cc(server, options);
A similar approach would be taken for ropc. Does this sound okay? Would you like one single PR, or several smaller ones?
from restify-oauth2.
This looks good, a single PR would be fine. Let me know if you have any questions.
from restify-oauth2.
Related Issues (20)
- Object.freeze seems to have horrible performance in Chrome HOT 4
- Docs are referring to option "tokenEndpoint", but actuall is "endpoint" HOT 1
- Accessing request object in grantUserToken HOT 2
- why mapParams must be false? HOT 2
- Add support for i18n strings HOT 1
- Modify the token endpoint response body before sending HOT 5
- /token from javascript app opens browser basic auth popup HOT 10
- Restify 3 HOT 5
- Cannot read property 'scheme' of undefined HOT 4
- The package restify does not satisfy its siblings' peerDependencies requirements HOT 6
- use both Authorization Grant CC and ROPC with same tokenEndpoint HOT 3
- Prevent WWW-Authenticate header HOT 9
- Restify 4.x support HOT 11
- CORS/OPTIONS response at /token requires auth
- custom error messages within option.hooks HOT 2
- Why can you not authenticate without a Authorization header?
- Post endpoints always check for token (ROPC)
- Restify v5.x-compatible version? HOT 1
- Token type is case sensitive.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from restify-oauth2.