npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@exact-realty/hydra-rfc8693

v1.1.7

Published

An implementation of RFC 8693 for Ory Hydra, providing powerful capabilities for token exchange in OAuth 2.0 and OpenID Connect servers.

Downloads

71

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

er-ci-boter-ci-botcorrideatcorrideat

Keywords

OAuth 2.0oauth2OpenID ConnectoidcRFC 8693rfc8693Ory HydrahydraToken ExchangeAuthenticationSecurityIdentityServerJavaScriptiam

Readme

🐉 hydra-rfc8693 📜

An NPM package for implementing RFC 8693 for Ory Hydra 🚀

Reliability Rating Vulnerabilities Bugs Security Rating Maintainability Rating NPM Downloads License

📖 Introduction

Welcome to hydra-rfc8693! This powerful package enables you to supercharge your OAuth 2.0 and OpenID Connect server with seamless implementation of RFC 8693 for Ory Hydra. Empower your applications with advanced token exchange, flexible authentication and token transformation capabilities. Boost your security and scalability while adhering to industry standards. 💪

✨ Features

hydra-rfc8693 empowers you to enhance your OAuth 2.0 and OpenID Connect server without the burden of additional dependencies. It seamlessly integrates with Ory Hydra, providing a runtime-agnostic solution that fits into any JavaScript project effortlessly.

  • Token Exchange Supercharged: Effortlessly handle token exchange with powerful capabilities at your fingertips.
  • Transform Tokens on the Fly: Seamlessly transform token types to adapt to various scenarios and requirements.
  • OAuth 2.0 and OpenID Connect Compliant: Ensure interoperability and compatibility with industry-standard protocols.
  • Deep Integration with Ory Hydra: Maximise the potential of Ory Hydra by leveraging the full capabilities of RFC 8693.
  • Scalable and Highly Available: Built to scale and designed for high availability to meet the demands of your applications.
  • Flexible Authentication: Support a wide range of authentication mechanisms to suit your specific needs.
  • No Dependencies: The package has no external dependencies, keeping your project lightweight and hassle-free.
  • Runtime Agnostic: Utilises standard JavaScript only, making it compatible with any runtime environment.

🚀 Installation

Getting started with hydra-rfc8693 is as easy as running a simple command:

npm install "@exact-realty/hydra-rfc8693"

💡 Usage

Integrating hydra-rfc8693 into your project is a breeze. Here's a quick example to get you started:

import server, { listeners } from '@exact-realty/routemate';
import exchangeTokenEndpoint from '@exact-realty/hydra-rfc8693';

const exchangeTokenEndpointHandler = exchangeTokenEndpoint(
  'deadbeef-abba-cafe-affe-123456789012', // hydraClientId
  undefined, // hydraClientSecret
  'none', // hydraTokenAuthMethod
  'about:invalid', // hydraClientRedirectUri
  'http://localhost:4444', // hydraPublicUri
  'http://localhost:4445', // hydraAdminUri
  { ['clientAuthMethod']: 'none' }, // hydraPublicAuthParams
  // NB! Remember to use authentication in production
  { ['clientAuthMethod']: 'none' }, // hydraAdminAuthParams
  (body) => ({
    subject: '[email protected]',
    access_token: {
      // Example of a claim in the access token
      original_request: String(body),
    },
    id_token: {
      name: 'Alice',
    }
  }),
  [], // scope. Optional list of scopes
  [], // audience. Optional list of audiences
  [], // subjectTokenType. Optional list of acceptable token types;
      // null or undefined defaults to access tokens
  [], // actorTokenType. Optional list of acceptable token types
      // null or undefined defaults to none
);

server(listeners.node)
  .listen(5678, '127.0.0.1')
  .then((r) => {
    r.post('/token', exchangeTokenEndpointHandler);
  });

🤝 Contributing

🎉 We appreciate contributions from the community! If you have any ideas, suggestions or find any issues, feel free to open an issue or submit a pull request on our GitHub repository.

❗️ Disclaimer

⚠️ IMPORTANT: This software assumes a secure setup and should only be used for token exchange when the token issuer is trusted. It is essential to exercise caution and ensure the security of your setup when utilising token exchange capabilities.

This software is not affiliated with or endorsed by Ory or the developers of Ory Hydra. It is an independent implementation of RFC 8693 for Ory Hydra and is provided as-is, without any warranties or guarantees of fitness for a particular purpose.

📄 License

This project is licensed under the Apache 2.0 License with the LLVM exception. You are free to use this package in compliance with the terms of the license. For more information, see the LICENSE file.