OAuth 2.0与OpenID Connect完整实现指南：JWT令牌、安全会话与最佳实践

oauth-implementation by aj-geddes/useful-ai-prompts

211 周安装量

160 GitHub Stars

GitHub

安装命令

npx skills add https://github.com/aj-geddes/useful-ai-prompts --skill oauth-implementation

Node.js API 安全

🇨🇳中文介绍

OAuth 实现

概述

使用 JWT 令牌、刷新令牌和安全会话管理，实现行业标准的 OAuth 2.0 和 OpenID Connect 认证流程。

使用场景

用户认证系统
第三方 API 集成
单点登录 (SSO) 实现
移动应用认证
微服务安全
社交登录集成

快速开始

最小化工作示例：

// oauth-server.js - Complete OAuth 2.0 implementation
const express = require("express");
const jwt = require("jsonwebtoken");
const crypto = require("crypto");
const bcrypt = require("bcrypt");

class OAuthServer {
  constructor() {
    this.app = express();
    this.clients = new Map();
    this.authorizationCodes = new Map();
    this.refreshTokens = new Map();
    this.accessTokens = new Map();

    // JWT signing keys
    this.privateKey = process.env.JWT_PRIVATE_KEY;
    this.publicKey = process.env.JWT_PUBLIC_KEY;

    this.setupRoutes();
  }

  // Register OAuth client
  registerClient(clientId, clientSecret, redirectUris) {
    this.clients.set(clientId, {
      clientSecret: bcrypt.hashSync(clientSecret, 10),
// ... (see reference guides for full implementation)

广告位招租

在这里展示您的产品或服务

触达数万 AI 开发者，精准高效

联系我们

指南	内容
Node.js OAuth 2.0 Server	Node.js OAuth 2.0 服务器
Python OpenID Connect Implementation	Python OpenID Connect 实现
Java Spring Security OAuth	Java Spring Security OAuth

🇺🇸English

OAuth Implementation

Overview
When to Use
Quick Start
Reference Guides
Best Practices

Overview

Implement industry-standard OAuth 2.0 and OpenID Connect authentication flows with JWT tokens, refresh tokens, and secure session management.

When to Use

User authentication systems
Third-party API integration
Single Sign-On (SSO) implementation
Mobile app authentication
Microservices security
Social login integration

Quick Start

Minimal working example:

// oauth-server.js - Complete OAuth 2.0 implementation
const express = require("express");
const jwt = require("jsonwebtoken");
const crypto = require("crypto");
const bcrypt = require("bcrypt");

class OAuthServer {
  constructor() {
    this.app = express();
    this.clients = new Map();
    this.authorizationCodes = new Map();
    this.refreshTokens = new Map();
    this.accessTokens = new Map();

    // JWT signing keys
    this.privateKey = process.env.JWT_PRIVATE_KEY;
    this.publicKey = process.env.JWT_PUBLIC_KEY;

    this.setupRoutes();
  }

  // Register OAuth client
  registerClient(clientId, clientSecret, redirectUris) {
    this.clients.set(clientId, {
      clientSecret: bcrypt.hashSync(clientSecret, 10),
// ... (see reference guides for full implementation)

Reference Guides

Detailed implementations in the references/ directory:

Guide	Contents
Node.js OAuth 2.0 Server	Node.js OAuth 2.0 Server
Python OpenID Connect Implementation	Python OpenID Connect Implementation
Java Spring Security OAuth	Java Spring Security OAuth

Best Practices

✅ DO

Use PKCE for public clients
Implement token rotation
Store tokens securely
Use HTTPS everywhere
Validate redirect URIs
Implement rate limiting
Use short-lived access tokens
Log authentication events

❌ DON'T

Store tokens in localStorage
Use implicit flow
Skip state parameter
Expose client secrets
Allow open redirects
Use weak signing keys

Weekly Installs

152

Repository

aj-geddes/usefu…-prompts

GitHub Stars

121

First Seen

Jan 21, 2026

Security Audits

Gen Agent Trust HubPass SocketPass SnykPass

Installed on

opencode131

gemini-cli128

codex127

cursor120

claude-code119

github-copilot114

OAuth 2.0与OpenID Connect完整实现指南：JWT令牌、安全会话与最佳实践

🇨🇳中文介绍

OAuth 实现

目录

概述

使用场景

快速开始

相关 Skills

参考指南

最佳实践

✅ 推荐做法

❌ 避免做法