@infomaker/service-authorization-lib
v5.7.1
Published
IMID Service Authorization Library
Downloads
31
Readme
Infomaker service-authorization-lib
Develop the project
Run the unit tests
docker-compose up
Rebuild after updates to package.json
docker-compose down
docker-compose build
docker-compose up
tokenUtils
Usage
const tokenUtils = require('@infomaker/service-authorization-lib').tokenUtils
const expressMiddlewareFunctionThing = (req, res, next) => {
tokenUtils.extractServiceTokenFromRequest(req) // -> {...} serviceToken
tokenUtils.extractImidTokenFromRequest(req) // -> 'eyJhbGciOiJSUzUxMiIsIn...' | null
tokenUtils.getSubject(req) // -> '07b9d9e6-5be1-4eb2-9675-9ee702f955ce'
tokenUtils.getOrganization(req) // -> 'infomaker'
tokenUtils.getUnits(req) // -> ['unit-a', 'unit-b']
tokenUtils.getSelectedUnit(req) // -> 'unit-a'
tokenUtils.getOrgPermissions(req) // -> ['writer:access']
tokenUtils.getUnitPermissions(req, 'infomaker-dev') // -> ['writer:access']
tokenUtils.isServiceAdmin(req) // -> false
tokenUtils.getUserinfo(req) // -> { given_name: ... }
}
extractServiceTokenFromRequest(request) ⇒ Object
Extracts and decodes a service token from request
Returns: Object - serviceToken - The service token
| Param | Type | Description | | --- | --- | --- | | request | http.IncomingMessage | |
extractImidTokenFromRequest(request) ⇒ String | null
Extracts IMID token from a raw request if present
Returns: String | null - imidToken - The IMID token if present
| Param | Type | | --- | --- | | request | http.IncomingMessage |
getSubject(request) ⇒ String
Get the subject from the service token
Returns: String - organization - The subject identifier set on the service token
| Param | Type | Description | | --- | --- | --- | | request | http.IncomingMessage | |
getOrganization(request) ⇒ String
Get the subject's organization
Returns: String - organization - The organization the subject belongs to
| Param | Type | Description | | --- | --- | --- | | request | http.IncomingMessage | |
getUnits(request) ⇒ Array.<String>
Get the subject's mapped units
Returns: Array.<String> - units - An array of all units the subject belongs to
| Param | Type | Description | | --- | --- | --- | | request | http.IncomingMessage | |
getSelectedUnit(request) ⇒ null | String
Get the subject's selected unit
Returns: null | String - unit - The subject's selected unit, null if no unit selected
| Param | Type | Description | | --- | --- | --- | | request | http.IncomingMessage | |
getOrgPermissions(request) ⇒ Array.<String>
Get the subject's organization permissions
Organization permissions are located under permissions.org
Returns: Array.<String> - } permissions - The subject's org permissions
| Param | Type | Description | | --- | --- | --- | | request | http.IncomingMessage | |
getUnitPermissions(request, unit) ⇒ Array.<String>
Get the subject's permissions for the specified unit
Organization permissions are located under permissions.units[unit]
Returns: Array.<String> - } permissions - The subject's permissions for the specified unit
| Param | Type | Description | | --- | --- | --- | | request | http.IncomingMessage | | | unit | String | The unit permissions should be checked in |
isServiceAdmin(request) ⇒ Boolean
Checks if a token belogs to an admin for the service
Organization permissions are located under permissions.units[unit]
Returns: Boolean - isServiceAdmin - True if the token belongs to an admin for the service
| Param | Type | Description | | --- | --- | --- | | request | http.IncomingMessage | |
getUserinfo(request) ⇒ Object
Get the subject's userinfo
Organization permissions are located under permissions.units[unit]
Returns: Object - userinfo - The userinfo object set on the subject
| Param | Type | Description | | --- | --- | --- | | request | http.IncomingMessage | |