Skip to content

sabz19/oauth_impl

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
keys
keys
 
 
src
src
 
 
.DS_Store
.DS_Store
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
eslint.config.mjs
eslint.config.mjs
 
 
jest.config.js
jest.config.js
 
 
package.json
package.json
 
 
tsconfig.json
tsconfig.json
 
 

Repository files navigation

OAuth 2.0 Implementation

alt text

Quick Start

  1. Clone repo git clone https://github.com/sabz19/oauth_impl.git
  2. npm install
  3. npm start

Assumptions For Demo Purposes

  1. There is no Database used or cache servers like Redis / Memcached for sensitive data, all generated JWT tokens are temporarily stored in RAM by variables in code.
  2. The PEM files are read for every request to generate an access token and not loaded into memory, this is for purposes of the demo
  3. RSA Algorithm is used for generating keys. Private keys are uploaded in this repo and used by the server to sign and encrypt tokens. These ideally need to be stored in a secure container
  4. Implicit assumption that login has already occurred, so at the time of generating an auth code, an auth check is performed which by default always returns true
  5. Since some RFC specifications are open-ended, some additional checks have been implemented such as checking for a registered list of uris to prevent CSRF

Dependencies

  1. Jose for JWT token generation
  2. Express for server

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages