readme strategy options

dan-nl · dan-nl · commit db7b5646e742 · 2017-10-27T20:50:51.000+02:00
this resolves jaredhanson#28, resolves jaredhanson#46, resolves jaredhanson#57, resolves jaredhanson#91
diff --git a/README.md b/README.md
@@ -75,6 +75,82 @@ app.get('/auth/example/callback',
   });
 ```
 
+## Strategy Options
+
+#### authorizationURL
+REQUIRED
+`{ authorizationURL: string }`
+URL used to obtain an authorization grant
+
+#### tokenURL
+REQUIRED
+`{ tokenURL: string }`
+URL used to obtain an access token
+
+#### clientID
+REQUIRED
+`{ clientID: string }`
+The client identifier issued to the client by the OAuth 2.0 service.
+
+#### clientSecret
+REQUIRED
+`{ clientSecret: string }`
+The client secret issued to the client by the OAuth 2.0 service.
+
+#### callbackURL
+OPTIONAL
+`{ callbackURL: string }`
+URL to which the service provider will redirect the user after obtaining authorization. The URL can be relative or fully qualified; when relative, the original URL of the authorization request will be prepended to the relative URL.
+
+#### customHeaders
+OPTIONAL
+`{ customHeaders: Object }`
+Custom headers you can pass with the authorization request.
+
+#### passReqToCallback
+OPTIONAL
+`{ passReqToCallback: boolean }`
+When set to `true`, the first argument sent to the verify callback is the request, `http.IncomingMessage`, (default: `false`)
+
+#### proxy
+OPTIONAL
+`{ proxy: boolean }`
+Used when resolving a relative callbackURL. When set to `true`, `req.headers['x-forwarded-proto']` and `req.headers['x-forwarded-host']` will be used otherwise `req.connection.encrypted` and `req.headers.host` will be used.
+
+_Note_: if your webserver, e.g. `Express`, provides `req.app.get` and the value `req.app.get('trust proxy')` is set, proxy option will automatically be set to `true`.
+
+#### scope
+OPTIONAL
+`{ scope: Array|string }`
+The scope of the access request made by the client of the OAuth 2.0 service; the strings are defined by the OAuth 2.0 service.
+
+When the scope is provided as a list of strings, each string should be separated by a space as per the OAuth 2.0 spec. When the scope is provided as an Array, each array element will be joined by the scopeSeparator.
+
+#### scopeSeparator
+OPTIONAL
+`{ scopeSeparator: string }`
+The separator used to join the scope strings when the `scope` is provided as an Array (default: `single space`).
+
+#### sessionKey
+OPTIONAL
+`{ sessionKey: string }`
+The key to use to store the state string when the `state` option is set to `true`. (default: 'oauth2:' + url.parse(options.authorizationURL).hostname)
+
+#### skipUserProfile
+OPTIONAL
+`{ skipUserProfile: boolean }`
+Whether or not to return the user profile information of the user granting authorization to their account information.
+
+#### state
+OPTIONAL
+`{ sessionKey: boolean }`
+When set to `true`, a state string with be created, stored, sent along with the authorization request and validated
+
+#### store
+OPTIONAL
+`{ store: Function }`
+The store to use when storing the state string (default: `SessionStore`, `req.session[sessionKey]`, requires session middleware such as `express-session`). See the [NullStore][./lib/state/null.js] for an example of a store function.
+
 ## Related Modules
 
 - [passport-oauth1](https://github.com/jaredhanson/passport-oauth1) — OAuth 1.0 authentication strategy
