npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

@randajan/oauth2-client

v1.0.0

Published

Lightweight Node.js helper that streamlines OAuth 2.0 and service-account authentication for all Google APIs, giving downstream packages hassle-free token acquisition and refresh

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

randajanrandajan

Keywords

oauth2-clientgoogle-oauthgoogle-authoauth2authenticationtokenservice-accountgoogle-auth-librarynodejswrapperlibrarysdk

Readme

@randajan/oauth2-client

NPM  JavaScript Style Guide

Overview

@randajan/oauth2-client is a lightweight wrapper that streamlines OAuth 2.0 and service‑account authentication for Google APIs.
It hides the boilerplate around google-auth-library, keeps tokens fresh and lets you focus on writing business logic instead of wiring endpoint plumbing.

This library meticulously supervises the entire redirect flow, intercepts every error, and relays it to the front-end, ensuring the browser is never stranded on a raw JSON API endpoint as can happen with other solutions.

ESM & CommonJS ready

The package ships dual builds so you can import or require according to your tool‑chain:

// ESM
import { GoogleOAuth2 } from "@randajan/oauth2-client/google";

// CommonJS
const { GoogleOAuth2 } = require("@randajan/oauth2-client/google");

Quick start — minimal Express example

import express from "express";
import { GoogleOAuth2 } from "@randajan/oauth2-client/google";

const google = new GoogleOAuth2({
  clientId:          process.env.GOOGLE_CLIENT_ID,
  clientSecret:      process.env.GOOGLE_CLIENT_SECRET,
  redirectUri:       "http://localhost:3999/oauth/exit",     // common backend route
  landingUri:        "http://localhost:3000",                // front‑end OK screen (default)
  fallbackUri:       "http://localhost:3000/login/error",    // front‑end error screen
  scopes:            ["drive"],                              // extra scopes
  isOffline:         true,                                   // ask for refresh_token
  onAuth: async (account, context) => {
    // first time we see this user
    console.log("new account", await account.uid());
    // store tokens somewhere safe …
  },
  onRenew: async account => {
    // Google issued fresh tokens
    console.log("tokens renewed for", account);
  },
  extra:{
    //will be passed to new google.auth.OAuth2(...)
  }
});

const app = express();

app.get("/oauth/init", (req, res) => {
  const redirect = google.getInitAuthURL(req.query.landingUri);
  res.redirect(redirect);
});

app.get("/oauth/exit", async (req, res) => {
  const redirect = await google.getExitAuthURL(req.query.code, req.query.state);
  res.redirect(redirect);           // back to front‑end
});

app.listen(3999);

Shared options

Every concrete OAuth2 client (Google, Microsoft …​) accepts the same constructor options so you can swap providers without refactoring:

| Option | Type | Required | Description | |--------|------|----------|-------------| | clientId | string | ✔︎ | OAuth client ID issued by the provider | | clientSecret | string | ✔︎ | OAuth client secret | | redirectUri | string (URL) | ✔︎ | Back‑end endpoint that receives code from the provider | | fallbackUri | string (URL) | ✔︎ | Where to send the user when anything goes wrong. Error errorCode & errorMessage are appended as query params | | landingUri | string (URL) |   | Default front‑end page after successful login (may be overridden per request) | | scopes | string \| string[] |   | Extra scopes. Google is always invoked with openid userinfo.profile userinfo.email | | isOffline | boolean |   | When true requests access_type=offline so a refresh_token is issued | | onAuth | (account, { context, state, landingUri }) => Promise<string[] \| void> | ✔︎ | Called once after new account is created. Return uri (string) for custom redirect | | onRenew | (account) => void | ✔︎ | Called whenever the access‑token is automatically refreshed | | getCredentials | (userId)=>object | Promise | | Called inside oauth.account(...), all arguments will be passed. If this trait returns Promise oauth.account(...) will also return Promise. | extra | object |   | Arbitrary options forwarded to the underlying SDK |

Google client

Import path

import { GoogleOAuth2 } from "@randajan/oauth2-client/google";

Class GoogleOAuth2

| Member | Returns | Description | |--------|---------|-------------| | constructor(options) | GoogleOAuth2 | Creates a new client. See options above | | getInitAuthURL({ landingUri?, scopes?, state?, extra? }) | string | Generates the consent‑screen URL. Parameters override the defaults from the constructor | | getExitAuthURL({code, state}, context) | Promise<string> | Exchanges code for tokens, triggers onAuth, then returns a redirect URL (either landingUri or a new init URL if more scopes are needed). Context will be passed as second argument to onAuth trait | | account(credentials, ...args) | GoogleAccount | Converts raw token credentials into a handy account object. getCredentials(credentials, ...args) trait will be used if was provided into the options |

Class GoogleAccount

| Member | Returns | Description | |--------|---------|-------------| | Property auth | google.auth.OAuth2 | Raw google-auth-library instance. Use it with any googleapis service | | uid() | Promise<string> | Returns a stable user‑id (google:{userId}) | | profile() | Promise<google.oauth2#Userinfo> | Shorthand for GET /oauth2/v2/userinfo | | tokens() | Promise<{ access_token, refresh_token, expiry_date, … }> | Current token set (auto‑refreshes if needed) | | scopes() | Promise<string[]> | Scopes granted to the current access_token |

Utility tool

extendURL(url, query): string

import { extendURL } from "@randajan/oauth2-client";
extendURL("https://example.com", { foo: 1, bar: 2 });
// → "https://example.com/?foo=1&bar=2"

A tiny helper that appends query parameters while keeping the rest of the URL intact.

License

MIT © randajan