Authorisation library

This authorisation library consists of functions that decode a JWT token and also allows permission and role checking of a decoded token.

Functions are listed below:

1. parseTokenFromCookie(ctx.req.getHeader('cookie')) => parses a token out of a cookie header
2. parseTokenFromAuthorisationHeader(ctx.req.getHeader('authorization')) => parses a token out of a authorization header
3. decodeToken(token) => decodes a token
4. getToken(ctx.req.getHeader('cookie'), ctx.req.getHeader('authorization')) => returns a token from a header
5. hasPermission(token, permission) => checks if a permission is in a token
6. hasRole(token, role) => checks if a role is in a token
7. getRoles(token) => returns an array of roles from a token
8. getPermissions(token) => returns an array of permissions from a token
9. getGroups(token) => return an array of groups from a token
10. getUserId(token) => returns auth0 user id of the format auth0|<id>
11. requirePermissions(string[], token) => returns true if token contains all required permissions; otherwise throws an error.
12. requireRoles(string[], token) => returns true if token contains all required roles; otherwise throws an error.

To add to a service

1. yarn add @brickblock/authorisation-library

How to develop

Please us TDD, write tests then your function.

1. yarn link
2. yarn build
3. yarn link @brickblock/authorisation-library => in the service you need this library in!

To use in service

Import as outlined below

const {
  getToken,
  getRoles,
  getPermission,
} = require('@brickblock/authorisation-library')

Dubugging the tests

  {
    "name": "Debug Jest Tests",
    "type": "node",
    "request": "launch",
    "runtimeArgs": [
      "--inspect-brk",
      "${workspaceRoot}/node_modules/.bin/jest",
      "--runInBand"
    ],
    "env": { "BBK_RUNTIME_ENVIRONMENT": "development" },
    "console": "integratedTerminal",
    "internalConsoleOptions": "neverOpen",
    "port": 9229
  }