Implementing the OAuth client using a library
Integrating an existing OAuth library into your application
Many open source libraries offer high-quality implementations of OAuth clients. They are available in a variety of programming languages, offering support for various web frameworks and database backends.
Where to start
A list of open-source OAuth client libraries is available at https://oauth.net/code/.
We strongly recommend using one of these libraries instead of trying to implement OAuth from scratch
Implementing the client using a library
Libraries providing OAuth implementation often allow for some degree of customisation, allowing to plug in custom implementations for front-end and back-end interfaces they provide.
Most often, when using a library, a developer can:
- configure the client for use with specific authorization server: provide the authorization and token endpoints, configure supported client authentication methods and protocol extensions;
- provide the UI for initiating the flow (”Connect to Pleo” button), and connect it to functions and methods of the library that generate all necessary authorization request parameters;
- integrate the library with the web framework of choice to allow it to perform HTTP redirects;
- provide implementation for persistence backend, allowing the client library to store and retrieve parameters, such as
code_verifierandstate, as well as access and refresh tokens; - provide custom UI for handling success and error responses from the authorization server;
- listen to events emitted during flow, and extend various stages.
Exact details and capabilities vary between implementations. Consult the documentation of the library of your choice.
Updated 5 months ago