npm
Sign UpSign In

@ist-group/web-skolid
TypeScript icon, indicating that this package has built-in type declarations

11.2.3 • Public • Published

SKOLID-WEB-LIB

A library for SkolID interaction within a SPA.

Installation

yarn add @ist-group/web-skolid

Copy the files in the public folder of this module to a routable path in your application. If the finals paths for these files aren't in the root of your application they need to be configured in the Session/Sign Providers/Managers.

Development

yarn start

Usage

Authentication and session management

With Context

import { SessionProvider, SessionContext } from "@ist-group/web-skolid";

const Root = () => (
  <SessionProvider
    environment={settings.skolid.environment}
    clientId={settings.skolid.clientId}
    scope={settings.skolid.scope}
    automaticSilentRenew
  >
    <div>
      My application
      <App />
    </div>
  </SessionProvider>
);

const App = () => {
  const session = React.useContext(SessionContext);

  if (session.loading) {
    return <progress />;
  }

  if (!session.user) {
    return (
      <div>
        Not logged in: <button onClick={() => session.login()}>Login</button>
      </div>
    );
  }

  return (
    <div>
      Logged in as {session.user.profile.name}:{" "}
      <button onClick={() => session.logout()}>Logout</button>
    </div>
  );
};

ReactDOM.render(<Root />, document.getElementById("root"));

Silent renew

Silent renew is a way to fetch a new access_token before the old one expires. This feature is off by default but may be enabled if your application doesn't have high LOA demands.

Signing

Signing is supported which can be used by:

import { SignProvider } from "@ist-group/web-skolid";

const Root = () => {
  const session = React.useContext(SessionContext);

  return (
    <SignProvider environment={settings.skolid.environment} user={session.user}>
      {(signManager) => <button onClick={() => signManager.sign("text", "data")}>Sign</button>}
    </SignProvider>
  );
};

Impersonation

Exchanges an access token for one subject to an access token for another subject. LOA, authentication time and token lifetime is transferred from the actor token.

const { accessToken, error, loading } = useImpersonationAccessToken({
  accessToken: actorSession.accessToken,
  subjectId: selectedIdentity?.id,
  skip: !useImpersonation,
  clientId: settings.clientId,
  environment: settings.skolidEnvironment
});

Remarks:

  • The client needs have the grant type impersonation enabled.
  • If no subject id is provided no access token is returned.
  • To allow "silent refresh" the output (access token and loading) is unchanged even when the input access token argument is changed as long as the subject id remains the same.

IdP configuration

The default paths this library uses:

  • Redirect: /#/signin-callback#
  • Logout: /#/signout
  • Post logout: /#/logout-callback#
  • Silent renew and session monitoring: /silent-callback.html

Hosted in a subfolder

If the SPA is hosted in a subfolder in a domain. Use the basePath prop to customize the callbacks.

For example:

import { SessionProvider } from "@ist-group/web-skolid";

const Root = () => (
  <SessionProvider
    environment={settings.skolid.environment}
    clientId={settings.skolid.clientId}
    scope={settings.skolid.scope}
    basePath="/path"
    >
    {({ user, loading, login, logout, manager }) => { ... }
  </SessionProvider>
);

Readme

Keywords

none

Package Sidebar

Install

npm i @ist-group/web-skolid

Weekly Downloads

46

Version

11.2.3

License

none

Unpacked Size

189 kB

Total Files

40

Last publish

Collaborators

  • omer.irfan
  • rhine
  • gabts
Try on RunKit
Report malware