Arctic

Lichess

OAuth 2.0 provider for Lichess.

Also see the OAuth 2.0 with PKCE guide.

Initialization

import { Lichess } from "arctic";

const lichess = new Lichess(clientId, redirectURI);

Create authorization URL

import { generateState, generateCodeVerifier } from "arctic";

const state = generateState();
const codeVerifier = generateCodeVerifier();
const scopes = ["challenge:read", "challenge:write"];
const url = lichess.createAuthorizationURL(state, codeVerifier, scopes);

Validate authorization code

validateAuthorizationCode() will either return an OAuth2Tokens, or throw one of OAuth2RequestError, ArcticFetchError, or a standard Error (parse errors). Lichess returns an access token and its expiration.

import { OAuth2RequestError, ArcticFetchError } from "arctic";

try {
	const tokens = await lichess.validateAuthorizationCode(code, codeVerifier);
	const accessToken = tokens.accessToken();
	const accessTokenExpiresAt = tokens.accessTokenExpiresAt();
} catch (e) {
	if (e instanceof OAuth2RequestError) {
		// Invalid authorization code, credentials, or redirect URI
		const code = e.code;
		// ...
	}
	if (e instanceof ArcticFetchError) {
		// Failed to call `fetch()`
		const cause = e.cause;
		// ...
	}
	// Parse error
}

Get user profile

Use the /api/account endpoint

const lichessUserResponse = await fetch("https://lichess.org/api/account", {
	headers: {
		Authorization: `Bearer ${accessToken}`
	}
});
const user = await lichessUserResponse.json();

Get user email

Add the email:read scope and use the /api/account/email endpoint

const scopes = ["email:read"];
const url = lichess.createAuthorizationURL(state, codeVerifier, scopes);
const response = await fetch("https://lichess.org/api/account/email", {
	headers: {
		Authorization: `Bearer ${accessToken}`
	}
});
const email = await response.json();