node-id4me-rp

An Node.js ID4me Relying Party library implemented according to the official guide
Demo Application

Installation

npm install id4me-rp
or
yarn add id4me-rp

(Temporary) Documentation

Methods available

Discovery

• validateDnsRecord(record: string): boolean
• parseDnsRecord(record: string): ParsedDnsRecord
• findDnsRecord(domain: string): ParsedDnsRecord

Registration

• getConfigurationUrl(iss: string): string
• async getConfiguration(iss: string, forceRefetch = false): AuthorityConfiguration
• async registerApplication(iss: string, config: ApplicationRegistrationData, forceReset = false, adapter: ApplicationStorageAdapter = memoryStorageAdapter): ApplicationResponse

RegistrationsClient: Stores config and adapter to reduce code duplication

  const registrationsClient = new id4me.RegistrationsClient(config: ApplicationRegistrationData, adapter: ApplicationStorageAdapter = memoryStorageAdapter);
  const app = await registrationsClient.getApplication(iss: string, forceReset = false);

❗ Even though there's a default for the adapter argument you should still pass a custom instance of ApplicationStorageAdapter to prevent being blocked by an Identity Authority and to ensure consistency across instances of your application.

ApplicationStorageAdapter: Used to replace the default method of storing the credentials for applications registered at different Identity Authorities. In each function you're expected to write the code needed to connect your application to the database of your choice. All provided functions are expected to return a promise.

  const adapter = new id4me.ApplicationStorageAdapter(
    async (identifier, data) => {
      // Save credentials
    },
    async identifier => {
      // Get and return credentials
    },
    async identifier => {
      // Delete credentials
      // Return boolean indicating success
    }
  );

Authentication

• async getAuthenticationUrl(config: AuthenticationUrlConfig): string
• async getTokens(iss: string, clientId: string, clientSecret: string, code: string, redirectUri: string): TokenResponse
• decodeIdToken(token: string): DecodedIdToken

Claims

• async getClaims(iss: string, token: string): ClaimsOverview
• async getDistributedClaim(claims: ClaimsOverview, name: string): string | number | null

ClaimsClient: Used to cut down on duplicate code when requesting multiple claims

  const claimsClient = new id4me.ClaimsClient(identityAuthority, access_token);
  const email = await claimsClient.getClaim('email');

All methods can be required/imported from the package directly.
For now I recommend you also take a look at the example code to see how the methods are used.
While the library and the example app are written in TypeScript you can also use them with regular JavaScript without any problems.

TODO

• Simplify general usage
• Support for encryption (Looking for help)
• Create more automated tests