JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 624
  • Score
    100M100P100Q91656F
  • License LGPL-2.1

OAuth 2.0 implementation in Javascript

Package Exports

  • jso

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (jso) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

JSO – OAuth 2.0 Client with Javascript

Build Status

OAuth 2.0 from your javascript client web application or mobile application in a secure way. JSO is provided by UNINETT AS, a non-profit company working for educational and research institutions in Norway.

See also our javascript API mock-up tool http://httpjs.net.

JSO may be used to make your web application (or mobile hybrid application) act as an OAuth 2.0 Consumer/client, and access remote APIs that are protected by OAuth 2.0 and supports CORS (or JSONP).

NOTICE: This is the preparations for the final version 4.0 of JSO

The main news about 4.0 is the use of ES6 syntax, babel and webpack.

How to use

Install using npm:

npm install jso --save

To load the javascript, you could use the distributed UMD module:

<script type="text/javascript" src="dist/jso.js">
<script>
var optps = {};
var j = new jso.JSO();
</script>

Alternatively you can use ES6 import using webpack or similar:

import {JSO, Popup} from 'jso'

let j = new JSO({})

Licence

UNINETT holds the copyright of the JSO library. The software can be used free of charge for both non-commercial and commercial projects.

The software is dual-licenced with The GNU Lesser General Public License, version 2.1 (LGPL-2.1) and version 3.0; meaning that you can select which of these two versions depending on your needs.

Features

  • Implements OAuth 2.0 Implicit Flow.
  • AMD-compatible loading.
  • No server component needed.
  • Can handle multiple providers at once.
  • Uses HTML 5.0 localStorage to cache Access Tokens. You do not need to implement a storage.
  • Can prefetch all needed tokens with sufficient scopes, to start with, then tokens can be used for requests later. This way, you can be sure that you would not need to redirect anywhere in your business logic, because you would need to refresh an expired token.
  • Excellent scope support.
  • Caches and restores the hash, your application will not loose state when sending the user to the authorization endpoint.

Library size

  • 4.0.0-rc4: 12612 bytes