npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

authenticator_oauth2.0

v1.0.9

Published

Simple promise-based authenticator for systems using OAuth 2.0 protocol.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

umangkathuria16umangkathuria16

Keywords

OAuth2.0authenticator

Readme

Authenticator Module

Simple promise-based authenticator for systems using OAuth 2.0 protocol.

Features:

  • Generate authentication token
  • Make calls to consume third party system APIs exposed
  • Simple structure
  • Easy to configure
  • Multiple storage option for token- in session or in database.
  • Easy to setup and use, plug n play functionality
  • Can handle multiple third party systems using OAuth2.0

Configuration:

  • The module make use of two files for configuration.

First is the .env file. This file contains the following necessary details-

  • Port Number- stores the port number for the app to run on.
  • URL for Mongo DB
  • Location identifier for storing token- If you wish to store the token in Database, set TOKEN_LOCATION to DB, otherwise set the value to session.
  • Configuration details of every system. Contains the URL for fetching auth token, Client ID and Secret Key.

Syntax to be followed for keeping the system specific configuration items-

<System-Name>_<Config-item>

Example: If the system is HYBRIS and we want to store its Client ID, the key name would be - HYBRIS_CLIENT_ID and other keys for hyrbis would be- HYBRIS_SECRET_KEY and HYBRIS_URI Sample .env file-

# Port number for the localhost server.
PORT=3000

# URL for the Mongo DB. 
MONGO_URL='mongodb://localhost/'

# Configuration of Hybris system- Client ID, Secret Key and URL for getting authorisation token.
SYSTEM1_CLIENT_ID= ‘sample-key’
SYSTEM1_SECRET_KEY=’sample-password’
SYSTEM1_URI= 'https://auth/server/path’

# Configuration of system- Client ID, Secret Key and URL for getting 
SYSTEM2LIENT_ID=‘sample-key’
SYSTEM2_SECRET_KEY='sample-password'
SYSTEM2_URI= 'https://auth/server/path’

# Key for setting location of token storage. Currently two locations are supported- DB or session. 
TOKEN_LOCATION= "session"

Second configurable file is the dbconfig file-

  • This file will contain the configurable Database name and the table name.
  • The database to be used must have a few fields mandatory.
  • The table must contain the following columns-
  • access_token
  • token_type
  • expires_in
  • scope
  • system
  • createdOn
  • Here’s a sample schema for MongoDB-
schema = {
    access_token: { type: String, required: true, unique: true},
    token_type: { type: String, required: true },
    expires_in: { type: Number, required: true },
    scope: { type: String, required: true },
    system: {type: String, required: true},
    createdOn: {type: Date, required: true}
  };

Using Authenticator Module

Require the module

const authenticator = require('authenticator_oauth2.0').authenticator;

Fetching the token-
  • The token can be fetched by calling the method getToken() of authenticator object.
  • It’s returns a promise so you’d have to use then and catch to handle the resolve and reject events.
  • The method requires two parameters-
  • the request object (for maintaining session details and other request parameters)
  • the other parameter is the “system”, which signifies the system for which we are trying to connect to. Based on the system parameter, Auth token would be fetched.
authenticator.getToken(request, 'HYBRIS')
    .then(res => {
        // handle success scenario
    })
    .catch(err=> {
        // handle error scenarios  
    }
  • The method first checks for the token in DB/Session as per the configuration.
  • If the token is found, the same is returned, else a new token is generated by making a POST call to the system’s authorization token server url as per the .env file.
Consuming system specific APIs-
  • This feature consumes the API of the system.
  • It first fetches the token required to make the API call and then calls the API.
  • In case the token has expired, we also make a fresh call to fetch the token again(i.e. refresh token) and make the call to the API.
  • The response of the API to be called is then sent as response.
  • To use this functionality, authenticator object exposes a method call “apiRequest”. Here’s how we can use it-
apiRequest(options,request, 'HYBRIS')
    .then( res => {
        response.json(res);
    })
    .catch(err => {
        response.json(err);
    })
  • The method needs three parameters
  • Options: contains the details to call the api. It contains the URL, method, query parameters, header information and body, in case of post request type.
  • The object will have the following fields-
  • url- containing the URL of the API
  • method- Will contain the type of API request- GET, POST, DELETE, etc
  • data – will contain the object that needs to be sent as a body parameter
  • headers- will contain all the necessary headers for the API call
  • params: will contain all the query parameters
    {
        "url":"https://localhost:8080/call/to/api",
        "method":"POST",
        "data":{
                "firstName": "Umang",
                "lastName": "Kathuria
        
        },
        "headers":{
        },
        "params": {
            "fields": "BASIC"
        }
    }
  • Second parameter is the request object containing the session details. This is used to fetch the saved token in the session.
  • Third parameter is the system in which the API is called.