Gathering detailed insights and metrics for passport-oauth1
Gathering detailed insights and metrics for passport-oauth1
OAuth 1.0 authentication strategy for Passport and Node.js.
Installations
npm install passport-oauth1Developer Guide
BETA
Typescript
No
Module System
CommonJS
Min. Node Version
>= 0.4.0
Node Version
14.16.1
NPM Version
6.14.12
Score
98.6
Supply Chain
99
Quality
75.2
Maintenance
100
Vulnerability
100
License
Releases
Unable to fetch releases
Languages
2
JavaScript
Makefile
JavaScript (99.93%)
Makefile (0.07%)
Developer
Download Statistics
Total Downloads
63,502,759
Last Day
14,195
Last Week
248,930
Last Month
1,141,368
Last Year
11,847,300
GitHub Statistics
MIT License
24 Stars
103 Commits
30 Forks
4 Watchers
8 Branches
7 Contributors
Updated on Sep 28, 2024
Bundle Size
21.12 kB
Minified
6.53 kB
Minified + Gzipped
Sponsor this package
Maintainers
1
Package Meta Information
Latest Version
1.3.0
Package Id
passport-oauth1@1.3.0
Unpacked Size
28.41 kB
Size
8.67 kB
File Count
11
NPM Version
6.14.12
Node Version
14.16.1
Published on
Mar 01, 2023
Total Downloads
Cumulative downloads
Total Downloads
63,502,759
Dependencies
3
Dev Dependencies
4
passport-oauth1
General-purpose OAuth 1.0 authentication strategy for Passport.
This module lets you authenticate using OAuth in your Node.js applications. By plugging into Passport, OAuth-based sign in can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.
Note that this strategy provides generic OAuth support. In many cases, a provider-specific strategy can be used instead, which cuts down on unnecessary configuration, and accommodates any provider-specific quirks. See the list for supported providers.
Developers who need to implement authentication against an OAuth provider that is not already supported are encouraged to sub-class this strategy. If you choose to open source the new provider-specific strategy, please add it to the list so other people can find it.
:heart: Sponsors
Advertisement
Learn OAuth 2.0 - Get started as an API Security Expert
Just imagine what could happen to YOUR professional career if you had skills in OAuth > 8500 satisfied students
Install
$ npm install passport-oauth1
Usage
Configure Strategy
The OAuth authentication strategy authenticates users using a third-party
account and OAuth tokens. The provider's OAuth endpoints, as well as the
consumer key and secret, are specified as options. The strategy requires a
verify callback, which receives a token and profile, and calls cb
providing a user.
passport.use(new OAuth1Strategy({
requestTokenURL: 'https://www.example.com/oauth/request_token',
accessTokenURL: 'https://www.example.com/oauth/access_token',
userAuthorizationURL: 'https://www.example.com/oauth/authorize',
consumerKey: EXAMPLE_CONSUMER_KEY,
consumerSecret: EXAMPLE_CONSUMER_SECRET,
callbackURL: "http://127.0.0.1:3000/auth/example/callback",
signatureMethod: "RSA-SHA1"
},
function(token, tokenSecret, profile, cb) {
User.findOrCreate({ exampleId: profile.id }, function (err, user) {
return cb(err, user);
});
}
));
Authenticate Requests
Use passport.authenticate(), specifying the 'oauth' strategy, to
authenticate requests.
For example, as route middleware in an Express application:
app.get('/auth/example',
passport.authenticate('oauth'));
app.get('/auth/example/callback',
passport.authenticate('oauth', { failureRedirect: '/login' }),
function(req, res) {
// Successful authentication, redirect home.
res.redirect('/');
});
Related Modules
- passport-oauth2 — OAuth 2.0 authentication strategy
- passport-http-oauth — OAuth authentication strategy for APIs
- oauthorize — OAuth service provider toolkit
Contributing
Tests
The test suite is located in the test/ directory. All new features are
expected to have corresponding test cases. Ensure that the complete test suite
passes by executing:
1$ make test
Coverage
All new feature development is expected to have test coverage. Patches that increse test coverage are happily accepted. Coverage reports can be viewed by executing:
1$ make test-cov 2$ make view-cov
License
Copyright (c) 2011-2016 Jared Hanson <http://jaredhanson.net/>
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
9 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-9vvw-cc9w-f27h
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-h6ch-v84p-w6p9
- Warn: Project is vulnerable to: GHSA-qh2h-chj9-jffq
- Warn: Project is vulnerable to: GHSA-hxm2-r34f-qmc5
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-w9mr-4mfr-499f
Reason
Found 1/22 approved changesets -- score normalized to 0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 10 are checked with a SAST tool
Score
1.9
/10
Last Scanned on 2025-06-23
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More