npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@hmcts/ia-idam-express-middleware

v6.7.5

Published

Express middleware for IDAM integration

Downloads

82

Readme

Divorce IDAM Express Middleware

Requirements

  • Node >=8.0
  • yarn

Installation

yarn add @hmcts/div-idam-express-middleware

Available functions

This module exposes three middleware functions that take in an object parameter. These are:

  • authenticate - checks if the current user has a valid auth token cookie, if not redirects them to the idam login page with a query parameter args.continueUrl to determine where the user will be sent on successful login
  • landingPage - should only run on the page that idam redirects to after successful authentication. This sets auth token cookie based on the jwt query parameter passed back by idam
  • protect - checks if the user has a valid auth token cookie, and makes sure it matches against the current session user details. If not, this redirects them to a page defined by the user args.indexUrl
  • logout - This makes a request to idam to invalidate the session Jwt token on exit/logout. It provides the jwt token to idam as a path parameter in the http request url.

Arguments

Pass a key-value object into the parameter when making the middleware function call.

const express = require('express');
const idamExpressMiddleware = require('@hmcts/div-idam-express-middleware');

const app = express();
const args = {
  redirectUri: {URL_TO_REDIRECT_TO_AFTER_LOGIN},
  indexUrl: '/index',
  idamApiUrl: {URL_TO_IDAM_API},
  idamLoginUrl: {URL_TO_REDIRECT_USER_TO_LOGIN},
  idamSecret: {IDAM_SECRET},
  idamClientID: {IDAM_CLIENT_ID}
};

app.use(idamExpressMiddleware.userDetails(args));
app.get(paths.login, idamExpressMiddleware.authenticateMiddleware(args));
app.get(paths.redirectUrl, idamExpressMiddleware.landingPage(idamConfig));
app.use(idamExpressMiddleware.protect(args));
app.get(paths.logout, idamExpressMiddleware.logout(args));

NB. as the cookies have secure: true set you need to make browser requests using https. In a deployed environment where we terminate https on a load balancer that is fine, but if you are running without a loadbalancer (most likely localhost) you will need to be using https.

List of available args

  • indexUrl (required) - the url for the index page of the service, or whatever page you want the user to be redirected to on auth failure.
  • redirectUri (required) - passed to the idamWrapper to determine where to redirect to on successful login. Should create user session and redirect to first logged in page.
  • idamClientID (required) - id of service to use idam.
  • idamSecrete (required) - secret for service to use idam.
  • idamApiUrl (required) - used by the idamWrapper. The url where all API calls will be made to.
  • idamLoginUrl (required) - used by the idamWrapper. The url where the user will be redirected to if they require a login for authentication.
  • tokenCookieName - the name of the cookie that the jwt token will be saved to. By default is __auth-token.
  • stateCookieName - the name of the cookie that stores the state identifier. By default is state.
  • hostName - the main service name / url. By default is the PUBLIC_HOSTNAME environment variable.
  • state - state to padd the oauth flow. By default is a random string.
  • openId - boolean true to use openId endpoints false to use legacy endpoints. By default is false.

OpenId

To use the open id endpoints rather than the legacy endpoints for getting a token and user details add the argument openId when initialising idamExpressMiddleware

const args = {
  redirectUri: {URL_TO_REDIRECT_TO_AFTER_LOGIN},
  indexUrl: '/index',
  idamApiUrl: {URL_TO_IDAM_API},
  idamLoginUrl: {URL_TO_REDIRECT_USER_TO_LOGIN},
  idamSecret: {IDAM_SECRET},
  idamClientID: {IDAM_CLIENT_ID},
  openId: true
};