digitalbazaarBedrock OAuth2 Dynamic Client Registration (@digitalbazaar/oauth2-client-registration-handler)
OAuth2 Dynamic Registration handler for custom authorization servers.
Table of Contents
Background
Constraints/Limitations:
- Only supporting
client_credentialsgrant type for now. - Initial registration authentication method is bearer token.
- Does not support the signed Software Statement mechanism.
Relevant specifications:
- OAuth 2.0 Dynamic Client Registration Protocol
- OAuth 2.0 Dynamic Client Registration Management Protocol
Security
TBD
Install
- Node.js >= 16 is required.
To install locally (for development):
git clone https://github.com/digitalbazaar/oauth2-client-registration-handler.git
cd oauth2-client-registration-handler
npm installUsage
This library exports a route handler to perform OAuth2 Dynamic Client Registration that can be added to an existing Bedrock or Express.js application.
import {clientRegistrationHandler} from '@digitalbazaar/oauth2-client-registration-handler';
app.post('/oauth2/register',
clientRegistrationHandler({
baseUrl: 'https://as.example.com',
authentication: {
strategy: 'bearer',
validateInitialAccessToken: async ({token}) => {/* custom token validation logic */}
},
register: async ({registration, credentials: {initialAccessToken}}) => {
// custom registration callback (saves client to database etc)
},
defaults: {
clientSecretExpiresAt: 0, // never expires
grantTypes: ['client_credentials'],
tokenEndpointAuthMethod: 'client_secret_post'
},
logger: console
}))
);Contribute
See the contribute file!
PRs accepted.
If editing the Readme, please conform to the standard-readme specification.
Commercial Support
Commercial support for this library is available upon request from Digital Bazaar: support@digitalbazaar.com
License
New BSD License (3-clause) © Digital Bazaar