Coder Social home page Coder Social logo

sidapa / react-oauth2-pkce Goto Github PK

View Code? Open in Web Editor NEW

This project forked from soofstad/react-oauth2-pkce

0.0 0.0 0.0 78 KB

Plug-and-play react package for OAuth2 Authorization Code flow with PKCE

License: MIT License

JavaScript 15.54% TypeScript 82.74% HTML 1.72%

react-oauth2-pkce's Introduction

react-oauth2-pkce · GitHub license npm version CI

Plug-and-play react package for OAuth2 Authorization Code flow with PKCE

Adhering to the RFCs recommendations, cryptographically sound, and with zero dependencies!

What is OAuth2 Authorization Code flow with PKCE?

Short version;
The modern and secure way to do authentication for mobile and web applications!

Long version;
https://oauth.net/2/pkce/
https://datatracker.ietf.org/doc/html/rfc7636

Features

  • Authorization server agnostic, works equally well with all OAuth2 auth servers following the OAuth2 spec
  • Supports OpenID Connect (idTokens)
  • Pre- and Post login callbacks
  • Silently refreshes short lived access tokens in the background
  • Decodes JWT's
  • A total of ~440 lines of code, easy for anyone to audit.

Example

import React, { useContext } from 'react'
import ReactDOM from 'react-dom'
import { AuthContext, AuthProvider, TAuthConfig } from "react-oauth2-code-pkce"

const authConfig: TAuthConfig = {
  clientId: 'myClientID',
  authorizationEndpoint: 'myAuthEndpoint',
  tokenEndpoint: 'myTokenEndpoint',
  // Whereever your application is running. Must match configuration on authorization server
  redirectUri: 'http://localhost:3000/',
  // Optional
  scope: 'someScope openid',
  // Optional
  logoutEndpoint: '',
  // Optional
  logoutRedirect: '',
  // Example to redirect back to original path after login has completed
  preLogin: () => localStorage.setItem('preLoginPath', location.pathname),
  postLogin: () => location.replace(localStorage.getItem('preLoginPath')),
  // Whether or not to try and decode the access token.
  // Stops errors from being printed in the console for non-JWT access tokens, etc. from Github
  decodeToken: true
}

function LoginInfo() {
  const { tokenData, token, logOut, error, loginInProgress } = useContext(AuthContext)
  
  // Stops the webpage from flickering while logging in
  if (loginInProgress) return null  

  if (error) {
    return (
      <>
        <div style={{ color: 'red' }}>An error occurred during authentication: {error}</div>
        <button onClick={() => logOut()}>Logout</button>
      </>
    )
  }

  if (!token)
    return (
      <>
        <div style={{ backgroundColor: 'red' }}>You are not logged in</div>
        <button onClick={() => window.location.reload()}>Login</button>
      </>
    )

  return (
    <>
      <div>
        <h4>Access Token (JWT)</h4>
        <pre>{token}</pre>
      </div>
      <div>
        <h4>Login Information from Access Token (Base64 decoded JWT)</h4>
        <pre>{JSON.stringify(tokenData, null, 2)}</pre>
      </div>
    </> 
  )

}

ReactDOM.render(
    <div>
      <AuthProvider authConfig={authConfig}>
        <LoginInfo/>
      </AuthProvider>
    </div>, document.getElementById('root'),
)

Install

The package is available on npmjs.com here; https://www.npmjs.com/package/react-oauth2-code-pkce

npm install react-oauth2-code-pkce

and import

import { AuthContext, AuthProvider } from "react-oauth2-code-pkce"

Develop

  1. Update the 'authConfig' object in src/index.js with config from your authorization server and application
  2. Install node_modules -> $ yarn install
  3. Run -> $ yarn start

Contribute

You are welcome to create issues and pull requests :)

react-oauth2-pkce's People

Contributors

soofstad avatar sidapa avatar anthony-vito avatar jesusthehun avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.