Chapter 5. Building a simple OAuth authorization server

This chapter covers

  • Managing registered OAuth clients
  • Having a user authorize a client
  • Issuing a token to an authorized client
  • Issuing and responding to a refresh token

In the last two chapters, we built an OAuth client application that fetched a token from an authorization server and used that token at a protected resource, and we built the protected resource for the client to access. In this chapter, we’ll build a simple authorization server that supports the authorization code grant type. This component manages clients, performs the delegation action core to OAuth, and issues tokens to clients.

Note

All of the exercises and examples in this book are built using Node.js and ...
