npm
Sign UpSign In

brightspace-auth-token

8.2.1 • Public • Published

brightspace-auth-token

Build Status

Usage

const AuthToken = require('brightspace-auth-token');

// See brightspace-auth-validation to do this for you!
function authorizeRequest(req) {
	const signature = req.headers.authorization.match(/Bearer (.+)/)[1];
	const payload = parseAndValidateSignature(signature);

	return new AuthToken(payload, signature);
}

require('http')
	.createServer((req, res) => {
		const token = authorizeRequest(req);

		if (!token.hasScope('random', 'greetings', 'read')) {
			res.statusCode = 403;
			res.end('You don\'t have sufficient scope!\n');
			return;
		}

		let msg;
		if (token.isUserContext()) {
			msg = 'Hello user!\n';
		} else if (token.isTenantContext()) {
			msg = 'Hello service, acting at the tenant level!\n';
		} else if (token.isGlobalContext()) {
			msg = 'Hello service, maintaining all of our systems!\n';
		}

		res.statusCode = 200;
		res.end(msg);
	})
	.listen(3000);

API

new AuthToken(Object decodedPayload, String source) -> AuthToken

decodedPayload should be an already verified and parsed JWT body. source should be the signature from which the payload was retrieved.

.user -> String|Undefined

The identifier for the user this token belongs to. Not present outside of user context.

.tenant -> String|Undefined

The tenant UUID this token belongs to. Not present outside of user and tenant contexts.

.actualUser -> String|Undefined

The identifier for the acting user. For convenience, this will always be the same as user except in the case of impersonation. Not present outside of user context.

.azp -> String|Undefined

The identifier for the party to whom this token was issued. If present it will contain the OAuth 2.0 Client ID of the party. The identifier is a case-sensitive string which may be a URI value.

.isGlobalContext() -> Boolean

.isTenantContext() -> Boolean

.isUserContext() -> Boolean

.isImpersonating() -> Boolean

.context -> String

.hasScope(String group, String resource, String permission) -> Boolean

.scope -> Map

.cacheKey -> String

A normalized string which could be used as part of cache keys when caching resources.

.source -> String

The source signature provider when creating the token.

Readme

Keywords

none

Package Sidebar

Install

npm i brightspace-auth-token

Repository

github.com/Brightspace/node-auth

Homepage

github.com/Brightspace/node-auth#readme

Weekly Downloads

551

Version

8.2.1

License

Apache-2.0

Unpacked Size

18 kB

Total Files

4

Last publish

Collaborators

  • d2l-travis-deploy
Try on RunKit
Report malware