OAuth 1.0 authentication strategy for Passport.

Downloads in past


23111.3.0a year ago11 years agoMinified + gzip package size for passport-oauth1 in KB


General-purpose OAuth 1.0 authentication strategy for Passport.
This module lets you authenticate using OAuth in your Node.js applications. By plugging into Passport, OAuth-based sign in can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.
Note that this strategy provides generic OAuth support. In many cases, a provider-specific strategy can be used instead, which cuts down on unnecessary configuration, and accommodates any provider-specific quirks. See the list for supported providers.
Developers who need to implement authentication against an OAuth provider that is not already supported are encouraged to sub-class this strategy. If you choose to open source the new provider-specific strategy, please add it to the list so other people can find it.

:heart: Sponsors

Learn OAuth 2.0 - Get started as an API Security Expert
Just imagine what could happen to YOUR professional career if you had skills in OAuth > 8500 satisfied students

npm build coverage ...


$ npm install passport-oauth1


Configure Strategy

The OAuth authentication strategy authenticates users using a third-party account and OAuth tokens. The provider's OAuth endpoints, as well as the consumer key and secret, are specified as options. The strategy requires a verify callback, which receives a token and profile, and calls cb providing a user.
passport.use(new OAuth1Strategy({
    requestTokenURL: '',
    accessTokenURL: '',
    userAuthorizationURL: '',
    consumerKey: EXAMPLE_CONSUMER_KEY,
    consumerSecret: EXAMPLE_CONSUMER_SECRET,
    callbackURL: "",
    signatureMethod: "RSA-SHA1"
  function(token, tokenSecret, profile, cb) {
    User.findOrCreate({ exampleId: }, function (err, user) {
      return cb(err, user);

Authenticate Requests

Use passport.authenticate(), specifying the 'oauth' strategy, to authenticate requests.
For example, as route middleware in an Express application:

  passport.authenticate('oauth', { failureRedirect: '/login' }),
  function(req, res) {
    // Successful authentication, redirect home.

Related Modules



The test suite is located in the test/ directory. All new features are expected to have corresponding test cases. Ensure that the complete test suite passes by executing:
$ make test


All new feature development is expected to have test coverage. Patches that increse test coverage are happily accepted. Coverage reports can be viewed by executing:
$ make test-cov
$ make view-cov


The MIT License
Copyright (c) 2011-2016 Jared Hanson <>