Gathering detailed insights and metrics for connekt-passport-oauth1
Gathering detailed insights and metrics for connekt-passport-oauth1
OAuth 1.0 authentication strategy for Passport and Node.js.
Installations
npm install connekt-passport-oauth1Developer Guide
BETA
Typescript
No
Module System
CommonJS
Min. Node Version
>= 0.4.0
Node Version
2.0.0
NPM Version
2.9.0
Score
70.6
Supply Chain
97
Quality
74.9
Maintenance
100
Vulnerability
100
License
Releases
Unable to fetch releases
Languages
2
JavaScript
Makefile
JavaScript (99.93%)
Makefile (0.07%)
Developer
Download Statistics
Total Downloads
2,365
Last Day
1
Last Week
1
Last Month
11
Last Year
108
GitHub Statistics
MIT License
24 Stars
103 Commits
30 Forks
4 Watchers
8 Branches
7 Contributors
Updated on Sep 28, 2024
Bundle Size
18.85 kB
Minified
6.19 kB
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
1.0.3
Package Id
connekt-passport-oauth1@1.0.3
Size
7.08 kB
NPM Version
2.9.0
Node Version
2.0.0
Total Downloads
Cumulative downloads
Total Downloads
2,365
Last Day
0%
1
Compared to previous day
Last Week
-50%
1
Compared to previous week
Last Month
-21.4%
11
Compared to previous month
Last Year
-9.2%
108
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
3
Dev Dependencies
3
passport-oauth1
General-purpose OAuth 1.0 authentication strategy for Passport.
This module lets you authenticate using OAuth in your Node.js applications. By plugging into Passport, OAuth authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.
Note that this strategy provides generic OAuth support. In many cases, a provider-specific strategy can be used instead, which cuts down on unnecessary configuration, and accommodates any provider-specific quirks. See the list for supported providers.
Developers who need to implement authentication against an OAuth provider that is not already supported are encouraged to sub-class this strategy. If you choose to open source the new provider-specific strategy, please add it to the list so other people can find it.
Install
$ npm install passport-oauth1
Usage
Configure Strategy
The OAuth authentication strategy authenticates users using a third-party
account and OAuth tokens. The provider's OAuth endpoints, as well as the
consumer key and secret, are specified as options. The strategy requires a
verify callback, which receives a token and profile, and calls done
providing a user.
passport.use(new OAuth1Strategy({
requestTokenURL: 'https://www.example.com/oauth/request_token',
accessTokenURL: 'https://www.example.com/oauth/access_token',
userAuthorizationURL: 'https://www.example.com/oauth/authorize',
consumerKey: EXAMPLE_CONSUMER_KEY,
consumerSecret: EXAMPLE_CONSUMER_SECRET,
callbackURL: "http://127.0.0.1:3000/auth/example/callback"
},
function(token, tokenSecret, profile, done) {
User.findOrCreate({ exampleId: profile.id }, function (err, user) {
return done(err, user);
});
}
));
Authenticate Requests
Use passport.authenticate(), specifying the 'oauth' strategy, to
authenticate requests.
For example, as route middleware in an Express application:
app.get('/auth/example',
passport.authenticate('oauth'));
app.get('/auth/example/callback',
passport.authenticate('oauth', { failureRedirect: '/login' }),
function(req, res) {
// Successful authentication, redirect home.
res.redirect('/');
});
Related Modules
- passport-oauth2 — OAuth 2.0 authentication strategy
- passport-http-oauth — OAuth authentication strategy for APIs
- OAuthorize — OAuth service provider toolkit
Tests
$ npm install
$ npm test
Credits
License
Copyright (c) 2011-2015 Jared Hanson <http://jaredhanson.net/>
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
9 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-9vvw-cc9w-f27h
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-h6ch-v84p-w6p9
- Warn: Project is vulnerable to: GHSA-qh2h-chj9-jffq
- Warn: Project is vulnerable to: GHSA-hxm2-r34f-qmc5
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-w9mr-4mfr-499f
Reason
Found 1/22 approved changesets -- score normalized to 0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 10 are checked with a SAST tool
Score
1.9
/10
Last Scanned on 2025-06-30
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More