Fync

Authentication

Using bearer tokens and OAuth with GitHub and Google.

Bearer tokens

import { GitHub } from '@remcostoeten/fync';
const github = GitHub({ token: process.env.GITHUB_TOKEN! });

GitHub OAuth

import { GitHubOAuth } from '@remcostoeten/fync';

const oauth = new GitHubOAuth({
  clientId: process.env.GITHUB_CLIENT_ID!,
  clientSecret: process.env.GITHUB_CLIENT_SECRET!,
  redirectUri: 'http://localhost:3000/api/auth/github/callback',
});

const { url, codeVerifier } = oauth.getAuthorizationUrl({
  scope: ['user:email', 'repo'],
  pkce: true,
});

// After callback
const tokens = await oauth.exchangeCodeForToken(code, codeVerifier);
const profile = await oauth.withToken(tokens.access_token).getCompleteProfile();

Google OAuth

import { GoogleOAuth } from '@remcostoeten/fync';

const oauth = new GoogleOAuth({
  clientId: process.env.GOOGLE_CLIENT_ID!,
  clientSecret: process.env.GOOGLE_CLIENT_SECRET!,
  redirectUri: 'http://localhost:3000/api/auth/google/callback',
  scope: ['openid', 'email', 'profile', 'https://www.googleapis.com/auth/calendar'],
});

const { url, codeVerifier } = oauth.getAuthorizationUrl({ accessType: 'offline', pkce: true });

// After callback
const tokens = await oauth.exchangeCodeForToken(code, codeVerifier);
const profile = await oauth.withToken(tokens.access_token).getCompleteProfile();

Notes:

  • PKCE generation is Node-safe and synchronous.
  • Token endpoints with application/x-www-form-urlencoded are handled by the client.

API Reference

Complete method reference for all providers

Core Concepts

Understanding how Fync works under the hood

On this page

Bearer tokensGitHub OAuthGoogle OAuth