🔗 OAuth Blocks

OAuth blocks provide comprehensive functionality for integrating third-party OAuth providers into NodeBlocks services. Providers currently supported: Google, Twitter, and LINE. The design allows for expansion to other providers.

---

🎯 Overview

OAuth blocks are designed to:

• Support multiple OAuth providers (Google, Twitter, LINE)
• Handle OAuth initiation with secure state management
• Process OAuth callbacks and authenticate users
• Map provider profiles to identities and create or resolve accounts
• Generate secure redirect URLs with authentication tokens
• Enable flexible authentication flows for signup and login

---

📦 Block Types

🔍 Schemas

JSON Schema/OpenAPI definitions used to validate and describe OAuth-related endpoints:

• fpQueryParameter: Fingerprint tracking parameter
• purposeQueryParameter: Flow purpose (oauth-login | oauth-signup)
• redirectUrlQueryParameter: Client redirect URL after OAuth
• typeIdQueryParameter: Optional identity type identifier
• stateQueryParameter: OAuth callback state verifier
• googleOauthSchema: OAuth initiation schema (query-only, empty body)
• twitterOauthSchema: OAuth initiation schema (query-only, empty body)
• lineOauthSchema: OAuth initiation schema (query-only, empty body)

View OAuth Schemas →

🔧 Blocks

Pure business logic functions for OAuth flow orchestration:

Google OAuth Blocks:

• requestGoogleOAuth: Initiates Google OAuth authentication flow with state management and token generation, delegating to provider consent redirect
• authenticateGoogleOAuth: Authenticates Google OAuth callback and reads user profile from provider response
• verifyGoogleOAuth: Maps Google provider profile to identity, creating new identity on signup or resolving existing identity on login

Twitter OAuth Blocks:

• prepareTwitterCallbackState: Builds state object for Twitter OAuth callback with fingerprint, purpose, and redirect URL
• requestTwitterOAuth: Initiates Twitter OAuth authentication request with state management
• authenticateTwitterOAuth: Authenticates Twitter OAuth callback and reads user profile from provider response
• verifyTwitterOAuth: Maps Twitter provider profile to identity using provider ID, creating or resolving identity based on flow purpose

LINE OAuth Blocks:

• requestLineOAuth: Initiates LINE OAuth authentication flow with state token generation and provider delegation
• authenticateLineOAuth: Authenticates LINE OAuth callback and reads user profile from provider response
• verifyLineOAuth: Maps LINE provider profile to identity, creating new identity on signup or resolving existing identity on login

OAuth Utility Blocks:

• extractOAuthLoginState: Decodes and validates OAuth state token containing fingerprint, purpose, and redirect URL
• generateRedirectURL: Builds secure redirect URL with onetime or access token for client application after successful authentication

View OAuth Blocks →

🛣️ Routes

HTTP endpoint definitions for OAuth initiation and callbacks:

• googleOAuthRoute: GET /auth/oauth/google — Initiates Google OAuth flow with state management and redirects to provider consent
• googleOAuthCallbackRoute: GET /auth/oauth/google/callback — Handles Google OAuth callback, authenticates user, and redirects to client application with tokens
• twitterOAuthRoute: GET /auth/oauth/twitter — Initiates Twitter OAuth flow with state management and redirects to provider consent
• twitterOAuthCallbackRoute: GET /auth/oauth/twitter/callback — Handles Twitter OAuth callback, authenticates user, and redirects to client application with tokens
• lineOAuthRoute: GET /auth/oauth/line — Initiates LINE OAuth flow with state management and redirects to provider consent
• lineOAuthCallbackRoute: GET /auth/oauth/line/callback — Handles LINE OAuth callback, authenticates user, and redirects to client application with tokens

View OAuth Routes →

🚀 Features

Composed features that combine schemas, routes, and blocks for end-to-end OAuth flows:

• googleOAuthFeature: Complete Google OAuth initiation workflow with schema validation and routing for provider consent redirect
• googleOAuthCallbackFeature: Complete Google OAuth callback processing workflow with user authentication and redirect to client application
• twitterOAuthFeature: Complete Twitter OAuth initiation workflow with schema validation and routing for provider consent redirect
• twitterOAuthCallbackFeature: Complete Twitter OAuth callback processing workflow with user authentication and redirect to client application
• lineOAuthFeature: Complete LINE OAuth initiation workflow with schema validation and routing for provider consent redirect
• lineOAuthCallbackFeature: Complete LINE OAuth callback processing workflow with user authentication and redirect to client application

View OAuth Features →

---

🔗 Related Documentation

• OAuth Schemas - OAuth data validation and contracts
• OAuth Blocks - OAuth business logic functions
• OAuth Routes - HTTP endpoint definitions
• OAuth Features - Complete OAuth management features