This package has been deprecated

Author message:

use

oidc-node-lib

1.0.1 • Public • Published

OIDC NODE SDK

A library for applications built with Node.js. It is used to integrate with an identity server for authentication and authorization.

Features:

  • node library
  • integration tests for the library
  • a demo application using express web framework that consumes the library
  • a demo application using kraken web framework that consumes the library

Common tasks are present as npm scripts:

  • npm run build to build the library
  • npm run start:express to run a server with the demo app using express
  • npm run start:kraken to run a server with the demo app using kraken
  • npm run integration to run the integration tests

When running the demo apps, make sure CIDP is running on http://localhost:5200. In the management UI, make sure the client exists:

What's in the OIDC NODE SDK?

demo/
   └── express
   └── kraken
lib/
   ├── index.ts
   └── services/
        └── oidcService.js
        └── userService.js

Files inside lib/ "belong" to the library, while demo/ contains demo applications that load the library.

Libraries do not run by themselves, so it's very useful to have these "demo" apps while developing, to see how your library would look to consumers.

The build step

You can build the library by running npm run build. This will generate a dist/ directory with all the entry points described above.

All the logic for creating the build can be found in ./gulpfile.js. It consists of:

  • Identify any security vulnerabilities.
  • Clean dist folder.
  • Transpile with babel.
  • Copy the source to dist folder.
  • Deploy to GitHub.

Testing

The OIDC NODE SDK includes a directory called demo\express\e2e containing end-to-end tests to verify it works.

To run the integration tests, run npm run integration, which does the following:

  • Install dependencies.
  • Build library.
  • Enter the demo\express app's directory.
  • Test the app using Protractor testing framework.

Using in the node application

Install the node package in your app: npm install oidc-node-lib --save

Import the module in your app. Set the oidcSettings properties to match the server configuration.

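var express = require('express');
var router = express.Router();
// The module name must match the installed package (npm install oidc-node-lib).
var oidcService = require('oidc-node-lib');

var app = express();

var oidcSettings = {
  // Local CIDP instance used by the demo apps; use an https URL outside local development.
  authority_url: "http://localhost:5200",
  client_id: "node_client",
  // Demo value only; load the real secret from the environment or a secret store.
  client_secret: "secret",
  response_type: "code",
  scopes: "openid profile",
  redirect_uri: "/profile",
  post_logout_redirect_uri: "/",
  error_url: "/error?errMsg="
};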

Use the library middleware to set up the session and connect to the CIDP (Collinson Identity Provider) server:

// Use the CIDP middleware. The middleware does the following:
// 1. Connects to the CIDP server
// 2. Creates the identity cookie session
// 3. Handles authentication success/error handler callbacks

oidcService.useCidp(app, oidcSettings);

Use the library middleware to handle login and logout requests:

router.post('/login', function (req, res, next) {
    oidcService.signIn(req, res, next);
});

router.post('/logout', function (req, res, next) {
    oidcService.signOut(req, res, next);
});

// On success, CIDP redirects to oidcSettings.redirect_uri with identity information attached to the request.
// isAuthenticated allows only authenticated users to access the profile route.
router.get('/profile', isAuthenticated, function (req, res, next) {
  var identity = req.identity;
  // identity contains the information for the configured response_type, such as the identity token and access token:
  // access_token:"eyJhbGciOiJSUzI1NiIsImtpZC"
  // access_token_data:{
  //   scope:Array[2] ["openid", "profile"],
  //   ...
  // }
  // id_token:"eyJhbGciOiJSUzI1NiIsImtpZC"
  // id_token_data:{
  //   family_name:"admin"
  //   given_name:"test"
  //   ...
  // }
  // token_type:"Bearer",
  // expires_at:1500561170,
  // ....
});

// On error, CIDP redirects to oidcSettings.error_url with errMsg in the query string.
// errMsg is user-controllable input: render it only through an auto-escaping template.
router.get('/error*', function (req, res, next) {
  var message = req.query.errMsg;
  res.render('error', {
    message: message,
    error: {}
  });
});


// oidc service provides a user helper with following methods available:
// expired:boolean - check if token not expired
// authenticated:boolean - check if token exist and not expired
// hasIdentityClaim(key,value):boolean - check if key value pair exists in identity_token
// hasAccessClaim(key,value):boolean - check if key value pair exists in access_token
function isAuthenticated(req, res, next) {
  
  // using the getUser helper method we can check if user is authenticated
  if (oidcService.getUser(req.identity).authenticated())
    return next();

  res.redirect('/');
}
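
A route guard built on the identity shape shown in the comments above, separating an expired session (401) from a missing scope (403). This is an added example, not code from oidc-node-lib: requireScope, isExpired, hasScope, CLOCK_SKEW_SECONDS and the sample identity are hypothetical names and constructed values, and it assumes the tokens were already validated before req.identity was populated.

```javascript
// Assumption: req.identity has the shape shown in the README comments
// (expires_at in epoch seconds, access_token_data.scope as an array) and the
// tokens were signature-validated before being placed on the request.
const CLOCK_SKEW_SECONDS = 30; // hypothetical tolerance, tune per deployment

function isExpired(identity, nowSeconds) {
  // A missing or non-numeric expires_at is treated as expired (fail closed).
  if (!identity || !Number.isFinite(identity.expires_at)) return true;
  return nowSeconds >= identity.expires_at + CLOCK_SKEW_SECONDS;
}

function hasScope(identity, scope) {
  const data = identity && identity.access_token_data;
  const scopes = data && data.scope;
  // Some providers emit a space-delimited string instead of an array.
  const list = Array.isArray(scopes) ? scopes
    : typeof scopes === 'string' ? scopes.split(' ') : [];
  return list.includes(scope);
}

// Hypothetical Express-style guard: 401 when there is no live session,
// 403 when the session is valid but lacks the required scope.
function requireScope(scope, now = () => Math.floor(Date.now() / 1000)) {
  return function (req, res, next) {
    if (isExpired(req.identity, now())) {
      return res.status(401).send('authentication required');
    }
    if (!hasScope(req.identity, scope)) {
      return res.status(403).send('insufficient scope');
    }
    return next();
  };
}

// Constructed sample identity mirroring the fields listed in the README.
const sampleIdentity = {
  token_type: 'Bearer',
  expires_at: 1500561170,
  access_token_data: { scope: ['openid', 'profile'] },
  id_token_data: { given_name: 'test', family_name: 'admin' }
};
```

Mounted as router.get('/profile', requireScope('profile'), handler), the guard rejects a request before the handler reads req.identity.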

Install

npm i oidc-node-lib

Weekly Downloads

0

Version

1.0.1

License

MIT

Collaborators

  • iurie_m