OAuth wrapper for Node.js, providing a simple API to authenticate against OAuth providers so your app can act as an OAuth consumer. It supports OAuth 1.0 and includes rudimentary OAuth2 support (tested against providers like Twitter, Facebook, GitHub, Google, and others), plus OAuth Echo support for communicating with third-party media providers.
Project status
- The source does not appear actively maintained today, with the most recent upstream push and npm updates on 2025-03-11 (about 15 months ago as of 2026-06-09). After that brief activity, there is no evidence of further updates.
- The apparent update cadence is bursty rather than continuous, with 0.10.1 and 0.10.2 published on the same day (2025-03-11), followed by a long gap until earlier updates (for example, 0.10.0 in 2022-07-22).
AI summary generated
Recent updates
0.10.2
No release notes were provided for v0.10.2 in the publisher metadata. The included code diff, however, shows substantial changes across the OAuth1 and OAuth2 implementation, plus changes to the module export surface (new root index.js).
Features0.10.1
No publisher release notes were provided for version 0.10.1. From the included code changes and README change history, the main update is adding OAuth1 signature support for the non-standard but commonly used HMAC-SHA256 signature method.
Features0.10.0
Release 0.10.0 does not include any publisher-provided release notes (the release notes section is effectively empty). The code changes in this release are small but include a behavioral change in OAuth2 request error handling, plus build/test metadata updates (version bump, dev dependency update, and a new package-lock).
Breaking0.9.15
This release adds support for specifying a custom HTTP(S) agent for OAuth2 requests. It also bumps the package version to 0.9.15 and includes a new Twitter OAuth 1.0 example, plus a small package.json license metadata change.
Features0.9.14
Release 0.9.14 has no publisher-provided release notes in the supplied release_notes section. The code changes are centered on OAuth2 HTTP response handling, plus test harness refactoring and minor repository metadata updates.
Breaking0.9.13
Release 0.9.13 has no publisher-provided release notes. The only documented behavior change appears in the repository README change history, while the actual code change is a small internal modification within the OAuth2 request logic.
0.9.12
Release 0.9.12 (from 0.9.11) contains mainly OAuth request handling changes. The code adds support for passing Buffer instances directly as POST and PUT bodies (OAuth1 and OAuth2), improves Content-Length handling for buffer bodies, and adjusts request execution to support PUT in OAuth2.
BreakingFeatures0.9.11
No release notes were provided for version 0.9.11. The code diff from v0.0.7 to 0.9.11 shows a substantial refactor of both OAuth 1.0 and OAuth 2.0 implementations, adding new entrypoints/constructors, enhanced HTTPS and header handling, and significant changes to how OAuth2 requests are constructed.
BreakingFeatures0.9.10
Release 0.9.10 has no publisher-provided release notes. However, the code changes in lib/oauth2.js and the corresponding test updates indicate a meaningful change in how OAuth2 access tokens are sent for GET requests, plus a small refactor of the internal request flow.
BreakingFeatures0.9.9
Release 0.9.9 was published on 2013-03-01, but no release notes were provided. As a result, there is no documented information about new features, bug fixes, breaking changes, security updates, or migrations for this version.
v0.0.7
Release v0.0.7 contains no release-notes content from the publisher, but the code diff shows meaningful changes to the core OAuth client implementation. Key updates include a changed OAuth constructor signature (with a new authorize_callback parameter), changes to how OAuth parameters are encoded when computing signatures, and altered secure request behavior for HTTPS.
Featuresv0.0.6
Release v0.0.6 was published on 2010-05-02, but no release notes or change details were provided by the publisher. As a result, there is no actionable information available to identify new features, fixes, breaking changes, or dependency updates.