Chapter 5. Building a simple OAuth authorization server
This chapter covers
- Managing registered OAuth clients
- Having a user authorize a client
- Issuing a token to an authorized client
- Issuing and responding to a refresh token
In the last two chapters, we built an OAuth client application that fetched a token from an authorization server and used that token at a protected resource, and we built the protected resource for the client to access. In this chapter, we’ll build a simple authorization server that supports the authorization code grant type. This component manages clients, performs the delegation action core to OAuth, and issues tokens to clients.
All of the exercises and examples in this book are built using Node.js ...