diff --git a/docs/_static/diagrams/arch-overview.graphml b/docs/_static/diagrams/arch-overview.graphml new file mode 100644 index 00000000..b796f59f --- /dev/null +++ b/docs/_static/diagrams/arch-overview.graphml @@ -0,0 +1,383 @@ + + + + + + + + + + + + + + + + + + + + + + + + + OAuth2Server + + + + + + + + + + + + + + + + AuthenticateHandler + + + + + + + + + + + + + + + + AuthorizeHandler + + + + + + + + + + + + + + + + TokenHandler + + + + + + + + + + + + + + + + Model + + + + + + + + + + + + + + + + UserModel + + + + + + + + + + + + + + + + GrantType + + + + + + + + + + + + + + + + AuthorizationCodeGrantType + + + + + + + + + + + + + + + + AuthorizationCodeGrantType + + + + + + + + + + + + + + + + AuthorizationCodeGrantType + + + + + + + + + + + + + + + + AuthorizationCodeGrantType + + + + + + + + + + + + + + + + TokenModel + + + + + + + + + + + + + + + + + + + + + + + + + + implements + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + passed to constructor + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/docs/_static/diagrams/arch-overview.png b/docs/_static/diagrams/arch-overview.png new file mode 100644 index 00000000..35e764f4 Binary files /dev/null and b/docs/_static/diagrams/arch-overview.png differ diff --git a/docs/docs/about.rst b/docs/docs/about.rst new file mode 100644 index 00000000..a89847cd --- /dev/null +++ b/docs/docs/about.rst @@ -0,0 +1,42 @@ +======================== +About Node OAuth2 Server +======================== + +Please read this section carefully to understand the purpose and scope of the Node OAuth2 Server library. + +Scope +===== + +The scope of this library is to provide a headless implementation of an OAuth2 server that can be used in a variety of applications. +It is designed to be flexible and extensible, allowing developers to implement their own models and customize the behavior of the server. + + +Headless +======== + +By headless we mean that the library does not provide a user interface or any specific implementation details for handling user interactions. +It is purely a backend library that can be integrated into any Node.js application or framework. + +The core library is also designed to be framework-agnostic, meaning it does not depend on any specific web framework like Express or Koa. +For these frameworks, we provide separate adapter libraries that can be used to integrate the OAuth2 server into your application. + +Workflows +========= + +The library intends to cover the core OAuth2 workflows, including: +- Authorization Code Grant +- Client Credentials Grant +- Password Grant +- Refresh Token Grant + +While we provide documentation and examples for these workflows, +it is crucial for developers to understand the OAuth2 specification and how to implement these workflows correctly in their applications. +This is especially important for security reasons, as OAuth2 is a complex protocol with many potential pitfalls. + +We do provide links to standards and readings that can help developers understand the OAuth2 specification and how to implement it securely. + +Examples +======== + +We provide generic examples which you can use as foundation. +However, please make sure you understand the OAuth2 specification and how to implement it correctly in your application. diff --git a/docs/docs/arch.rst b/docs/docs/arch.rst new file mode 100644 index 00000000..ed8117e4 --- /dev/null +++ b/docs/docs/arch.rst @@ -0,0 +1,18 @@ +================= + Architecture +================= + +.. image:: diagrams/arch-overview.png + :width: 800 + :alt: Overview of the architecture of node-oauth2-server + +The above diagrams depicts the main parts of the node-oauth2-server library and their relations. + +The OAuth2Server class is the main entry point to the library. It is initialized with a model that implements the methods required by the OAuth 2.0 specification. +The model is responsible for interacting with the data store, such as a database, to manage clients, tokens, and other resources. + +For each of the major functions there is a specific **handler** class that handles interacts with requests and generates responses: + +- **Authenticate**: The `AuthenticateHandler` class handles the authentication of requests using access tokens. It also allows to delegate the authentication process to an external handler. +- **Authorize**: The `AuthorizeHandler` class handles the authorization code grant flow. It processes the request to authorize a client and generates an authorization code. +- **Token**: The `TokenHandler` class handles the token grant flow. It processes requests to issue access tokens, refresh tokens, and other related operations. diff --git a/docs/index.rst b/docs/index.rst index 7c1ea417..6e5d5e94 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -55,7 +55,9 @@ Contents :maxdepth: 1 :caption: User Documentation + docs/about docs/getting-started + docs/arch docs/adapters .. toctree::