README.md

oauth4webapi API Reference

💗 Help the project

Support from the community to continue maintaining and improving this module is welcome. If you find the module useful, please consider supporting the project by becoming a sponsor.

Accessing Protected Resources

• parseWwwAuthenticateChallenges
• protectedResourceRequest

Authorization Code Grant

• authorizationCodeGrantRequest
• calculatePKCECodeChallenge
• generateRandomCodeVerifier
• isOAuth2Error
• issueRequestObject
• parseWwwAuthenticateChallenges
• processAuthorizationCodeOAuth2Response
• validateAuthResponse
• validateJwtAuthResponse

Authorization Code Grant w/ OpenID Connect (OIDC)

• authorizationCodeGrantRequest
• calculatePKCECodeChallenge
• generateRandomCodeVerifier
• getValidatedIdTokenClaims
• isOAuth2Error
• issueRequestObject
• parseWwwAuthenticateChallenges
• processAuthorizationCodeOpenIDResponse
• processUserInfoResponse
• userInfoRequest
• validateAuthResponse
• validateJwtAuthResponse

Authorization Server Metadata

• discoveryRequest
• processDiscoveryResponse

Client Credentials Grant

• clientCredentialsGrantRequest
• isOAuth2Error
• parseWwwAuthenticateChallenges
• processClientCredentialsResponse

Device Authorization Grant

• deviceAuthorizationRequest
• deviceCodeGrantRequest
• isOAuth2Error
• parseWwwAuthenticateChallenges
• processDeviceAuthorizationResponse
• processDeviceCodeResponse

Errors

• OperationProcessingError
• UnsupportedOperationError

FAPI 1.0 Advanced

• validateDetachedSignatureResponse

JWT Access Tokens

• validateJwtAccessToken

JWT Secured Authorization Response Mode for OAuth 2.0 (JARM)

• validateJwtAuthResponse

JWT-Secured Authorization Request (JAR)

• issueRequestObject

OpenID Connect (OIDC) Discovery

• discoveryRequest
• processDiscoveryResponse

OpenID Connect (OIDC) UserInfo

• processUserInfoResponse
• userInfoRequest

Proof Key for Code Exchange (PKCE)

• calculatePKCECodeChallenge
• generateRandomCodeVerifier

Pushed Authorization Requests (PAR)

• isOAuth2Error
• parseWwwAuthenticateChallenges
• processPushedAuthorizationResponse
• pushedAuthorizationRequest

Refreshing an Access Token

• isOAuth2Error
• parseWwwAuthenticateChallenges
• processRefreshTokenResponse
• refreshTokenGrantRequest

Token Introspection

• introspectionRequest
• isOAuth2Error
• parseWwwAuthenticateChallenges
• processIntrospectionResponse

Token Revocation

• isOAuth2Error
• parseWwwAuthenticateChallenges
• processRevocationResponse
• revocationRequest

Utilities

• generateKeyPair
• generateRandomCodeVerifier
• generateRandomNonce
• generateRandomState
• isOAuth2Error
• parseWwwAuthenticateChallenges

Interfaces

• AuthenticatedRequestOptions
• AuthorizationDetails
• AuthorizationServer
• Client
• ClientCredentialsGrantRequestOptions
• ClientCredentialsGrantResponse
• ConfirmationClaims
• DPoPOptions
• DPoPRequestOptions
• DeviceAuthorizationRequestOptions
• DeviceAuthorizationResponse
• DiscoveryRequestOptions
• ExportedJWKSCache
• GenerateKeyPairOptions
• HttpRequestOptions
• IDToken
• IntrospectionRequestOptions
• IntrospectionResponse
• JWK
• JWKS
• JWKSCacheOptions
• JWTAccessTokenClaims
• MTLSEndpointAliases
• OAuth2Error
• OAuth2TokenEndpointResponse
• OpenIDTokenEndpointResponse
• PrivateKey
• ProtectedResourceRequestOptions
• PushedAuthorizationRequestOptions
• PushedAuthorizationResponse
• RevocationRequestOptions
• TokenEndpointRequestOptions
• TokenEndpointResponse
• UseMTLSAliasOptions
• UserInfoAddress
• UserInfoRequestOptions
• UserInfoResponse
• ValidateDetachedSignatureResponseOptions
• ValidateJWTAccessTokenOptions
• ValidateJwtAuthResponseOptions
• WWWAuthenticateChallenge
• WWWAuthenticateChallengeParameters

Type Aliases

• ClientAuthenticationMethod
• JWKSCacheInput
• JWSAlgorithm
• JsonArray
• JsonObject
• JsonPrimitive
• JsonValue

Variables

• clockSkew
• clockTolerance
• customFetch
• expectNoNonce
• expectNoState
• experimental_jwksCache
• skipAuthTimeCheck
• skipStateCheck
• skipSubjectCheck
• useMtlsAlias