GenAuth - Node.js SDK OAuth2.0 module
OAuth is an open web standard for authorization, and the current version is 2.0.
Generate a user login link for the OAuth 2.0 protocol
Generate a user login link for the OAuth 2.0 protocol, through which users can access the online login page of GenAuth.
js
AuthenticationClient().buildAuthorizeUrl(options);Parameters
options<object> Parameters to be filled in when initiating authorization login. For details, see Using OAuth2.0 Authorization Code Mode.options.scope<string> Requested permission items, optional, default value isuserfor OAuth 2.0 protocol.options.state<string> Random string, optional, automatically generated by default.options.responseType<string> Response type, optional, optional values arecode,token, default value iscode, authorization code mode.options.redirectUri<string> Callback address, required, default value is the redirectUri parameter when the SDK is initialized.
Example
javascript
// Splice OAuth 2.0 authorization link
const authenticationClient = new AuthenticationClient({
appId: "Application ID",
secret: "Application key",
appHost: "https://{YOUR_DOMAIN}.genauth.ai",
redirectUri: "Business callback address",
protocol: "oauth",
});
let url = authenticationClient.buildAuthorizeUrl({ scope: "user" });Sample data
http
https://oidc1.genauth.ai/oauth/auth?state=7400704296715694&scope=user&client_id=5f17a529f64fb009b794a2ff&redirect_uri=https%3A%2F%2Fbaidu.com&response_type=codeCode exchange Token
Use the authorization code Code to obtain the user's Token information.
js
AuthenticationClient().getAccessTokenByCode(code);Parameters
code<string> Authorization code Code. After the user successfully authenticates, GenAuth will send the authorization code Code to the callback address. For details, please see Use OAuth 2.0 Authorization Code Mode. Each Code can only be used once.
Example
javascript
const authenticationClient = new AuthenticationClient({
appId: "Application ID",
secret: "Application key",
appHost: "https://{YOUR_DOMAIN}.genauth.ai",
redirectUri: "Business callback address",
});
let res = await authenticationClient.getAccessTokenByCode("Authorization code");Example data
json
{
"access_token": "fa9d2bdd914ea01aa4e434c12d4f919d749fc75c",
"token_type": "Bearer",
"expires_in": 1209599,
"refresh_token": "b5e0e1afe793c6634495434afc262b88ddee9af3",
"scope": "user"
}Field explanation:
| Field name | Meaning |
|---|---|
| token_type | Token type, fixed value Bearer |
| scope | Authorization scope, authorized user permission items |
| expires_in | Access token expiration time |
| access_token | Access token, Access token issued by GenAuth |
Token exchange user information
Use Access token to obtain user information.
js
AuthenticationClient().getUserInfoByAccessToken("access_token");Parameters
access_token<string> Access token, the content of the Access token exchanged with the authorization code Code. For details, see Using OAuth 2.0 Authorization Code Mode.
Example
javascript
const authenticationClient = new AuthenticationClient({
appId: "Application ID",
secret: "Application key",
appHost: "https://{YOUR_DOMAIN}.genauth.ai",
redirectUri: "Business callback address",
});
let res = await authenticationClient.getUserInfoByAccessToken("Access token");Example data
json
{
"address": {
"country": null,
"postal_code": null,
"region": null,
"formatted": null
},
"birthdate": null,
"family_name": null,
"gender": "U",
"given_name": null,
"locale": null,
"middle_name": null,
"name": null,
"nickname": null,
"picture": "https://files.authing.co/authing-console/default-user-avatar.png",
"preferred_username": null,
"profile": null,
"updated_at": "2021-03-03T06:17:14.485Z",
"website": null,
"zoneinfo": null,
"email": "test1@genauth.ai",
"email_verified": false,
"sub": "603f184cec4505e2868431fc", // Abbreviation of subject, user ID
"phone_number": null,
"phone_number_verified": false
}Field explanation:
| Field name | Translation |
|---|---|
| sub | Abbreviation of subject, unique identifier, usually user ID |
| name | Name |
| given_name | Name |
| family_name | family name |
| middle_name | middle name |
| nickname | nickname |
| preferred_username | preferred name |
| profile | basic information |
| picture | avatar |
| website | website link |
| email address | |
| email_verified | whether the email address is verified |
| gender | gender |
| birthdate | birthday |
| zoneinfo | time zone |
| locale | region |
| phone_number | mobile number |
| phone_number_verified | verified mobile number |
| address | address object |
| address.formatted | detailed address |
| address.street_address | street address |
| address.locality | city |
| address.region | province |
| address.postal_code | zip code |
| address.country | country |
| updated_at | information update time |
Refresh Access Token
Use Refresh token to get a new Access token.
js
AuthenticationClient().getNewAccessTokenByRefreshToken(refreshToken);Parameters
refreshToken<string> Refresh token, which can be obtained from refresh_token in the return value of the AuthenticationClient.getAccessTokenByCode method.
Example
javascript
const authenticationClient = new AuthenticationClient({
appId: "Application ID",
secret: "Application key",
appHost: "https://{YOUR_DOMAIN}.genauth.ai",
redirectUri: "Business callback address",
});
let res = await authenticationClient.getNewAccessTokenByRefreshToken(
"Access token"
);Example data
json
{
"access_token": "fa9d2bdd914ea01aa4e434c12d4f919d749fc75c",
"token_type": "Bearer",
"expires_in": 1209599,
"refresh_token": "b5e0e1afe793c6634495434afc262b88ddee9af3",
"scope": "user"
}Check Access Token or Refresh Token
Check the status of Access token or Refresh token.
js
AuthenticationClient().introspectToken(token);Parameters
token<string> Access token or Refresh token, which can be obtained from access_token, refresh_token in the return value of AuthenticationClient.getAccessTokenByCode method.
Example
javascript
const authenticationClient = new AuthenticationClient({
appId: "Application ID",
secret: "Application key",
appHost: "https://{YOUR_DOMAIN}.genauth.ai",
redirectUri: "Business callback address",
});
let res = await authenticationClient.introspectToken(
"Access token or Refresh token"
);Example data
Return when the token is valid:
json
{
"active": true,
"sub": "5f719946524ee1099229496b", // Abbreviation of subject, which is the user ID
"client_id": "5f17a529f64fb009b794a2ff",
"exp": 1619083024,
"iat": 1617873424,
"iss": "https://core.genauth.ai/oauth",
"jti": "qbovGK-HZL0O_20wY7uXj",
"scope": "user",
"token_type": "Bearer"
}Token is invalid and returns:
json
{
"active": false
}An error will be thrown if the verification process fails.
Revoke Access Token or Refresh token
Revoke Access token or Refresh token. The holder of Access token or Refresh token can notify GenAuth that the token is no longer needed and hope that GenAuth will revoke it.
js
AuthenticationClient().revokeToken(token);Parameters
token<string> Access token or Refresh token, which can be obtained from access_token and refresh_token in the return value of AuthenticationClient.getAccessTokenByCode method.
Example
javascript
const authenticationClient = new AuthenticationClient({
appId: "Application ID",
secret: "Application key",
appHost: "https://{YOUR_DOMAIN}.genauth.ai",
redirectUri: "Business callback address",
});
let res = await authenticationClient.revokeToken(
"Access token or Refresh token"
);Example data
Return true when the revocation is successful.
Throws an error when the revocation fails.
Concatenate the logout URL
Concatenate the logout URL.
js
AuthenticationClient().buildLogoutUrl(options);Parameters
options<string> Logout configuration items.options.redirectUri<string> Redirect address after logout.
Example
javascript
// Splice the universal logout link of the front end
const authenticationClient = new AuthenticationClient({
appId: "Application ID",
appHost: "https://{YOUR_DOMAIN}.genauth.ai",
redirectUri: "Business callback address",
protocol: "oauth",
});
let url = authenticationClient.buildLogoutUrl({
redirectUri: "https://www.genauth.ai",
});