Deno KV OAuth

Minimal OAuth 2.0 powered by Deno KV.

Note: this project is in beta. API design and functionality are subject to change.

Features

• Built-upon the robust oauth2_client module for OAuth 2.0 2.0-related workflows.
• Uses Deno KV for reliable and persistent storage of session data.
• Takes care of the authorization code flow with Proof Key for Code Exchange (PKCE), automatically refreshing access tokens, and automatically redirecting the client to the next endpoint.
• Comes with a suite of pre-configured clients for popular OAuth 2.0 providers.
• Straightforward API which aims to require minimal input, thanks to reasonable defaults.
• Works locally and in the cloud, including Deno Deploy.
• Works with any web framework that uses the Web APIs Request and Response interfaces.

Live Demo

You can also check out a live demo at https://kv-oauth.deno.dev, which uses Github as the OAuth 2.0 provider. Source code is located in demo.ts.

Usage

Getting Started

1. Download demo.ts.
2. Define your client object using one of the pre-configured OAuth 2.0 clients or a custom OAuth 2.0 client.
3. Run the script with the appropriate environment variables and permission flags defined. E.g. for GitHub:

   GITHUB_CLIENT_ID=xxx GITHUB_CLIENT_SECRET=xxx deno run --unstable --allow-env --allow-net demo.ts

Defaults

By default, the client will be redirected to the root path, /, after the callback is handled and the sign out process is complete. This behavior can be changed by setting the redirectUrl parameter in handleCallback() and signOut()

Pre-configured OAuth 2.0 Clients

This module comes with a suite of pre-configured OAuth 2.0 clients for the following providers:

1. Discord
2. GitHub
3. GitLab
4. Google
5. Slack
6. Twitter

Each function is typed so that their respective platform's requirements are met.

If there's a pre-configured OAuth 2.0 client for a provider you'd like added, please submit a pull request or create a new issue.

Custom OAuth 2.0 Client

If you require custom OAuth 2.0 configuration, you must define your client using new OAuth2Client() from the oauth2_client module. E.g.:

import { OAuth2Client } from "https://deno.land/x/oauth2_client/mod.ts";

const client = new OAuth2Client({
  clientId: Deno.env.get("CUSTOM_CLIENT_ID")!,
  clientSecret: Deno.env.get("CUSTOM_CLIENT_SECRET")!,
  authorizationEndpointUri: "https://custom.com/oauth/authorize",
  tokenUri: "https://custom.com/oauth/token",
  redirectUri: "https://my-site.com",
});

KV_PATH Environment Variable

Optionally, you can define the path that KV uses by using the --allow-env[=KV_PATH] flag and setting the KV_PATH environment variable. E.g.

KV_PATH=:memory: deno run --allow-write --allow-read --allow-env=KV_PATH --unstable script.ts

Contributing

Before submitting a pull request, please run deno task ok and ensure all checks pass. This checks formatting, linting, types and runs tests.

In the Wild

Check out these projects powered by Deno KV OAuth 2.0:

1. Deno SaaSKit / Deno Hunt - A modern SaaS template built on Fresh.
2. KV SketchBook - Dead simple sketchbook app.

Do you have a project powered by Deno KV OAuth 2.0 that you'd like to share? Please submit a pull request adding that project to this list.