npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

lhisp-oauth-client

v1.0.40

Published

Bilingual README (Português / English) for the **lhisp-oauth-client** library.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

lokidarkedenlokidarkeden

Keywords

Readme

lhisp-oauth-client

Bilingual README (Português / English) for the lhisp-oauth-client library.

Português (PT-BR)

Cliente HTTP simples para consumir uma API protegida por OAuth2 (Client Credentials), cuidando automaticamente de:

  • Obter o access_token no endpoint de autenticação
  • Cache do token até expirar (com margem de ~10s)
  • Enviar o token nas requisições subsequentes para a API
  • Suporte opcional a certificado cliente (PFX) via https.Agent

Observação: refresh token ainda não está implementado (há um TODO no código). Quando o token expira, um novo token é solicitado.

Instalação

npm i lhisp-oauth-client
# ou
yarn add lhisp-oauth-client

Uso rápido

import { LhispOauthClient } from "lhisp-oauth-client";

const client = new LhispOauthClient({
  apiUrl: "https://api.exemplo.com",
  authUrl: "https://auth.exemplo.com/oauth/token",
  clientId: "SEU_CLIENT_ID",
  clientSecret: "SEU_CLIENT_SECRET",
});

type StatusResponse = { status: string };

async function main() {
  const resp = await client.get<StatusResponse>({
    path: "/status",
    params: { verbose: true },
  });

  console.log(resp.status);
}

main();

API (principais métodos)

  • getAccessToken(): Promise<AccessToken>
    • Obtém e cacheia o token.
  • getAuthToken(): string
    • Retorna o header final de autorização (por padrão "<token_type> <access_token>").
  • executarRequest<ResponseType>(params): Promise<ResponseType>
    • Método base que injeta token e executa request via Axios.
  • Atalhos HTTP:
    • get, post, put, patch, delete

Parâmetros do construtor

new LhispOauthClient(params) aceita:

  • apiUrl (string, obrigatório): URL base da API (ex.: https://api.exemplo.com)
  • authUrl (string, obrigatório): endpoint OAuth2 para obter token
  • clientId (string, obrigatório)
  • clientSecret (string, obrigatório)

Opcionalmente:

  • certificado (string | Buffer): certificado cliente PFX
    • Se for string, o código assume base64 e faz Buffer.from(certificado, "base64")
  • senhaCertificado (string): senha do PFX
  • authScope (string): adiciona scope no request de token
  • grantType (string): padrão client_credentials
  • authContentType (ContentType): padrão application/x-www-form-urlencoded
  • authData (Record<string,string>): campos extras enviados ao endpoint de token
  • headers (object): headers aplicados nas requisições para a API
  • authHeaders (object): headers extras somente na obtenção do token
  • authHeaderName (string): nome do header usado para credenciais Basic (padrão Authorization)
  • tokenHeaderName (string): nome do header onde o token é enviado (padrão Authorization)
  • sendAuthCredentialsOnRequestBody (boolean): envia client_id e client_secret também no body
  • formatAccessToken ((token?) => string): personaliza o valor enviado no header do token
  • timeout (number): timeout das requisições (ms). Padrão 60000
  • logger (Logger): logger compatível (com .child() + métodos info/warn/error/debug)

Content-Type

Você pode escolher o Content-Type das requisições para API via contentType:

import { ContentType } from "lhisp-oauth-client";

await client.post({
  path: "/clientes",
  contentType: ContentType.APPLICATION_JSON,
  data: { name: "Maria" },
});

Nota: o contentType de autenticação (request do token) é controlado por authContentType.

Exemplo: credenciais no body (alguns servidores exigem)

import { LhispOauthClient, ContentType } from "lhisp-oauth-client";

const client = new LhispOauthClient({
  apiUrl: "https://api.exemplo.com",
  authUrl: "https://auth.exemplo.com/oauth/token",
  clientId: "SEU_CLIENT_ID",
  clientSecret: "SEU_CLIENT_SECRET",
  authContentType: ContentType.APPLICATION_JSON,
  sendAuthCredentialsOnRequestBody: true,
});

await client.get({ path: "/status" });

Exemplo: header de token customizado

import { LhispOauthClient } from "lhisp-oauth-client";

const client = new LhispOauthClient({
  apiUrl: "https://api.exemplo.com",
  authUrl: "https://auth.exemplo.com/oauth/token",
  clientId: "SEU_CLIENT_ID",
  clientSecret: "SEU_CLIENT_SECRET",
  tokenHeaderName: "x-token",
});

await client.get({ path: "/status" });

Exemplo: usando certificado (PFX)

import fs from "node:fs";
import { LhispOauthClient } from "lhisp-oauth-client";

const pfxBuffer = fs.readFileSync("./certificado.pfx");

const client = new LhispOauthClient({
  apiUrl: "https://api.exemplo.com",
  authUrl: "https://auth.exemplo.com/oauth/token",
  clientId: "SEU_CLIENT_ID",
  clientSecret: "SEU_CLIENT_SECRET",
  certificado: pfxBuffer,
  senhaCertificado: "SENHA_DO_PFX",
});

await client.get({ path: "/status" });

English

A lightweight HTTP client to consume an API protected by OAuth2 (Client Credentials). It automatically:

  • Fetches an access_token from the auth endpoint
  • Caches the token until it expires (with a ~10s safety margin)
  • Sends the token on subsequent API requests
  • Optionally supports client certificate (PFX) via https.Agent

Note: refresh token is not implemented yet (there is a TODO in the code). When the token expires, a new token is requested.

Install

npm i lhisp-oauth-client
# or
yarn add lhisp-oauth-client

Quick start

import { LhispOauthClient } from "lhisp-oauth-client";

const client = new LhispOauthClient({
  apiUrl: "https://api.example.com",
  authUrl: "https://auth.example.com/oauth/token",
  clientId: "YOUR_CLIENT_ID",
  clientSecret: "YOUR_CLIENT_SECRET",
});

type StatusResponse = { status: string };

async function main() {
  const resp = await client.get<StatusResponse>({
    path: "/status",
    params: { verbose: true },
  });

  console.log(resp.status);
}

main();

API (main methods)

  • getAccessToken(): Promise<AccessToken>
    • Fetches and caches the token.
  • getAuthToken(): string
    • Returns the final auth header value (by default "<token_type> <access_token>").
  • executarRequest<ResponseType>(params): Promise<ResponseType>
    • Base method that injects the token and performs the request via Axios.
  • HTTP helpers:
    • get, post, put, patch, delete

Constructor parameters

new LhispOauthClient(params) accepts:

Required:

  • apiUrl (string): API base URL (e.g. https://api.example.com)
  • authUrl (string): OAuth2 token endpoint
  • clientId (string)
  • clientSecret (string)

Optional:

  • certificado (string | Buffer): PFX client certificate
    • If string, it is treated as base64 and converted using Buffer.from(certificado, "base64")
  • senhaCertificado (string): PFX password
  • authScope (string): adds scope to the token request
  • grantType (string): default client_credentials
  • authContentType (ContentType): default application/x-www-form-urlencoded
  • authData (Record<string,string>): extra fields sent to the token endpoint
  • headers (object): headers applied to API calls
  • authHeaders (object): extra headers only for token retrieval
  • authHeaderName (string): Basic credentials header name (default Authorization)
  • tokenHeaderName (string): token header name (default Authorization)
  • sendAuthCredentialsOnRequestBody (boolean): also sends client_id and client_secret in the request body
  • formatAccessToken ((token?) => string): customize token header value
  • timeout (number): request timeout in ms (default 60000)
  • logger (Logger): compatible logger (must support .child() and info/warn/error/debug)

Content-Type

You can set the API request Content-Type using contentType:

import { ContentType } from "lhisp-oauth-client";

await client.post({
  path: "/customers",
  contentType: ContentType.APPLICATION_JSON,
  data: { name: "Alice" },
});

Note: the auth/token request content type is controlled by authContentType.

Example: credentials in request body

import { LhispOauthClient, ContentType } from "lhisp-oauth-client";

const client = new LhispOauthClient({
  apiUrl: "https://api.example.com",
  authUrl: "https://auth.example.com/oauth/token",
  clientId: "YOUR_CLIENT_ID",
  clientSecret: "YOUR_CLIENT_SECRET",
  authContentType: ContentType.APPLICATION_JSON,
  sendAuthCredentialsOnRequestBody: true,
});

await client.get({ path: "/status" });

Example: custom token header

import { LhispOauthClient } from "lhisp-oauth-client";

const client = new LhispOauthClient({
  apiUrl: "https://api.example.com",
  authUrl: "https://auth.example.com/oauth/token",
  clientId: "YOUR_CLIENT_ID",
  clientSecret: "YOUR_CLIENT_SECRET",
  tokenHeaderName: "x-token",
});

await client.get({ path: "/status" });

Example: using a PFX certificate

import fs from "node:fs";
import { LhispOauthClient } from "lhisp-oauth-client";

const pfxBuffer = fs.readFileSync("./certificate.pfx");

const client = new LhispOauthClient({
  apiUrl: "https://api.example.com",
  authUrl: "https://auth.example.com/oauth/token",
  clientId: "YOUR_CLIENT_ID",
  clientSecret: "YOUR_CLIENT_SECRET",
  certificado: pfxBuffer,
  senhaCertificado: "PFX_PASSWORD",
});

await client.get({ path: "/status" });