Commit

docs: improve docs for new config option
jasonraimondi committed Aug 12, 2024
1 parent cf41704 commit 21e265b
Showing 8 changed files with 66 additions and 7 deletions.
4 changes: 2 additions & 2 deletions docs/docs/endpoints/authorize.mdx
@@ -1,5 +1,5 @@
---
sidebar_position: 2
sidebar_position: 1
title: /authorize
---

Expand All @@ -8,11 +8,11 @@ title: /authorize
The `/authorize` endpoint is a front channel endpoint that initiates the authorization process and issues an authorization code. This code can then be exchanged at the `/token` endpoint for a usable access token.

:::info
- This endpoint is only necessary if you are implementing the Authorization Code Grant.

- The authorization endpoint should only support the GET method for the initial request. The user agent should be redirected to the authorization page.

- The URL `/authorize` can be customized, some other common urls are: `/oauth/authorize`, `/v1/authorize`, etc.

:::

## Purpose
29 changes: 29 additions & 0 deletions docs/docs/endpoints/introspect.mdx
Expand Up @@ -23,6 +23,19 @@ app.post("/token/introspect", async (req: Express.Request, res: Express.Response
});
```

### Configure

Client credentials authentication is enabled by default. To disable, set `authenticateIntrospect` to `false`.

```ts
const authoriztionServer = new AuthorizationServer(
...,
{
authenticateIntrospect: false,
}
);
```

### Request

A complete token introspection request will include the following parameters:
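
Review bot: The new Configure paragraph explains how to turn off client authentication for `/token/introspect` but not when that is acceptable, and with `authenticateIntrospect: false` the endpoint answers any caller that can reach it. RFC 7662 section 2.1 requires the introspection endpoint to demand some form of authorization to prevent token scanning, so the paragraph should say the option is only appropriate when another control (network restriction, a gateway, or separate authorization in front of the route) protects the endpoint. Also, the example variable is misspelled: `authoriztionServer` should be `authorizationServer`.
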
Expand Down Expand Up @@ -61,6 +74,22 @@ You can authenticate by passing the `client_id` and `client_secret` as a query s
```
</TabItem>

<TabItem value="authenticateIntrospect" label="authenticateIntrospect = false">
```ts
new AuthorizationServer(..., {
authenticateIntrospect: false,
})
```

```http request []
POST /token/introspect HTTP/1.1
Host: example.com
Content-Type: application/x-www-form-urlencoded
token=xxxxxxxxxx
&token_type_hint=refresh_token
```
</TabItem>
</Tabs>
</details>
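
Review bot: In the added `http request` block, `token=xxxxxxxxxx` follows the `Content-Type` header with no empty line, so the form body reads as part of the headers; add a blank line between the last header and the body. The `ts` snippet in this tab also repeats the one added under Configure in the same file; linking to that section would leave a single copy to maintain.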

30 changes: 30 additions & 0 deletions docs/docs/endpoints/revoke.mdx
Expand Up @@ -23,6 +23,19 @@ app.post("/token/revoke", async (req: Express.Request, res: Express.Response) =>
});
```

### Configure

Client credentials authentication is enabled by default. To disable, set `authenticateRevoke` to `false`.

```ts
const authoriztionServer = new AuthorizationServer(
...,
{
authenticateRevoke: false,
}
);
```

### Request

A complete token revocation request will include the following parameters:
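
Review bot: `authoriztionServer` in the example is misspelled (`authorizationServer`), the same slip as in introspect.mdx. The paragraph should also state what is given up when `authenticateRevoke` is `false`: without client credentials the server cannot check that the caller is the client the token was issued to (the check RFC 7009 section 2.1 describes), so any party holding a token value can revoke it. If the option is meant for clients that have no secret, one sentence saying so would help readers decide.
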
Expand Down Expand Up @@ -61,6 +74,23 @@ You can authenticate by passing the `client_id` and `client_secret` as a query s
```
</TabItem>

<TabItem value="authenticateRevoke" label="authenticateRevoke = false">
```ts
new AuthorizationServer(..., {
authenticateRevoke: false,
})
```

```http request []
POST /token/revoke HTTP/1.1
Host: example.com
Content-Type: application/x-www-form-urlencoded
token=xxxxxxxxxx
&token_type_hint=refresh_token
```
</TabItem>

</Tabs>
</details>
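
Review bot: The new tab sits under the text on how to authenticate, yet its label `authenticateRevoke = false` is just the option name; a label such as "No client authentication" would tell the reader what kind of request the tab shows. The request example has the same missing empty line between `Content-Type` and `token=xxxxxxxxxx` as the one in introspect.mdx, and there is a blank line before `</Tabs>` here that the introspect.mdx hunk does not have.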

2 changes: 1 addition & 1 deletion docs/docs/endpoints/token.mdx
@@ -1,5 +1,5 @@
---
sidebar_position: 1
sidebar_position: 2
title: /token
---

2 changes: 1 addition & 1 deletion docs/docs/grants/authorization_code.mdx
Expand Up @@ -105,7 +105,7 @@ The authorization server will respond with the following response
- **token_type** will always be `Bearer`
- **expires_in** is the time the token will live in seconds
- **access_token** is a JWT signed token and is used to authenticate into the resource server
- **refresh_token** is a JWT signed token and can be used in with the [refresh grant](#refresh-token-grant)
- **refresh_token** is a JWT signed token and can be used in with the [refresh grant](./refresh_token.mdx)
- **scope** is a space delimited list of scopes the token has access to
<details>
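
Review bot: The rewritten `refresh_token` bullet still reads "can be used in with the"; since the line is being touched anyway, drop the stray "in" so it reads "can be used with the". The same wording is carried into the password.mdx and refresh_token.mdx hunks of this commit. The new relative target `./refresh_token.mdx` is consistent with the file living beside this one under docs/docs/grants/.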
2 changes: 1 addition & 1 deletion docs/docs/grants/password.mdx
Expand Up @@ -70,7 +70,7 @@ The authorization server will respond with the following response
- **token_type** will always be `Bearer`
- **expires_in** is the time the token will live in seconds
- **access_token** is a JWT signed token and is used to authenticate into the resource server
- **refresh_token** is a JWT signed token and can be used in with the [refresh grant](#refresh-token-grant)
- **refresh_token** is a JWT signed token and can be used in with the [refresh grant](./refresh_token.mdx)
- **scope** is a space delimited list of scopes the token has access to

<details>
2 changes: 1 addition & 1 deletion docs/docs/grants/refresh_token.mdx
Expand Up @@ -63,7 +63,7 @@ The authorization server will respond with the following response
- **token_type** will always be `Bearer`
- **expires_in** is the time the token will live in seconds
- **access_token** is a JWT signed token and is used to authenticate into the resource server
- **refresh_token** is a JWT signed token and can be used in with the [refresh grant](#refresh-token-grant)
- **refresh_token** is a JWT signed token and can be used in with the refresh grant (this one)
- **scope** is a space delimited list of scopes the token has access to

<details>
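
Review bot: On the `refresh_token` bullet, replacing the self-link with the parenthetical "(this one)" reads as an aside rather than documentation; something like "can be used with the refresh grant described on this page" says the same thing in the register of the other bullets. The "used in with" typo is also still present on the new line.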
2 changes: 1 addition & 1 deletion docs/docs/upgrade_guide.md
Expand Up @@ -48,7 +48,7 @@ In v3, `enableGrantType` has been updated for the **"authorization_code"** and *

#### Authorization Code Grant

`AuthorizationCodeGrant` now requires a [AuthorizationCodeRepository](./getting_started/repositories.mdx#authorization-code-repository) and a [UserRepository](./getting_started/repositories.mdx#user-repository).
`AuthorizationCodeGrant` now requires a [AuthorizationCodeRepository](./getting_started/repositories.mdx#auth-code-repository) and a [UserRepository](./getting_started/repositories.mdx#user-repository).

**Before (v2.x):**
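
Review bot: The new fragment `#auth-code-repository` has to match a heading in getting_started/repositories.mdx, which is not among the 8 files this commit changes, so please confirm the anchor resolves in the built site. While on this line, "a [AuthorizationCodeRepository]" should be "an [AuthorizationCodeRepository]".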

