@opengovsg/myinfo-gov-client
v4.1.2
Published
A lightweight client to easily call the MyInfo Person v3.2 endpoint for the Singapore government. Tested with NodeJS version >=12.
Downloads
970
Readme
myinfo-gov-client
A lightweight client to easily call the MyInfo Person v3.2 endpoint for the Singapore government. Tested with NodeJS version >=12.
Quick Start
'use strict'
const fs = require('fs')
const app = require('express')()
const { MyInfoGovClient } = require('@opengovsg/myinfo-gov-client')
// Application configuration
const APP_DOMAIN = '<Your application domain URL>'
const PORT = 5000
const REQUESTED_ATTRIBUTES = ['name', 'sex', 'race']
// Endpoint to which user should be redirected after login
const REDIRECT_ENDPOINT_PATH = '/login'
// MyInfo credentials
const clientId = '<Your Client ID>'
const clientSecret = fs.readFileSync('./secrets/clientSecret.txt')
const singpassEserviceId = '<Your SingPass e-Service ID>'
const myInfoPublicKey = fs.readFileSync('./static/myInfoPublicKey.pem')
const clientPrivateKey = fs.readFileSync('./secrets/privateKey.pem')
// Initialise client
const myInfoGovClient = new MyInfoGovClient({
clientId,
clientSecret,
singpassEserviceId,
redirectEndpoint: `${APP_DOMAIN}${REDIRECT_ENDPOINT_PATH}`,
clientPrivateKey,
myInfoPublicKey,
mode: 'stg', // Set to 'dev' to call dev endpoint, leave empty for prod
})
app.get('/', (_req, res) => {
const redirectUrl = client.createRedirectURL({
purpose: 'Information for my application',
requestedAttributes: REQUESTED_ATTRIBUTES,
relayState: 'State to be returned in redirect query parameters',
})
return res.send(`
<a href=${redirectUrl}>Log in</a>
`)
})
app.get(REDIRECT_ENDPOINT_PATH, async (req, res) => {
// Authorisation code passed via query parameters
const { code } = req.query
const accessToken = await client.getAccessToken(code)
// Result contains NRIC and MyInfo data
const result = await client.getPerson(accessToken, REQUESTED_ATTRIBUTES)
return res.json(result.data)
})
app.listen(PORT, () => console.log(`App listening on port ${PORT}`))
API
Constructor
MyInfoGovClient(config: IMyInfoConfig)
Configuration parameters
Type: IMyInfoConfig
clientId
Type: string
Client ID (also known as App ID).
clientSecret
Type: string | Buffer
Client secret provided by MyInfo.
singpassEserviceId
Type: string
The default e-service ID registered with SingPass to use. Can be overridden if necessary in createRedirectURL
and getPerson
functions.
redirectEndpoint
Type: string
Endpoint to which user should be redirected after login.
clientPrivateKey
Type: string | Buffer
RSA-SHA256 private key, which must correspond with public key provided to MyInfo during the onboarding process.
myInfoPublicKey
Type: string | Buffer
MyInfo server's public key for verifying their signature
mode
Type: MyInfoMode
Optional mode, which determines the MyInfo endpoint to call. One of 'dev'
, 'stg'
or 'prod'
. Defaults to 'prod'
.
Returns
Type: MyInfoGovClient
Instance of MyInfoGovClient
.
createRedirectUrl
.createRedirectUrl(authRequest)
Parameters
Type: IAuthRequest
purpose
Type: string
Purpose of requesting the data, which will be shown to user.
requestedAttributes
Type: MyInfoScope[]
MyInfo scopes which the user must consent to provide.
relayState
Type: string
Optional state to be forwarded to the redirect endpoint via query parameters.
singpassEserviceId
Type: string
Optional alternative e-service ID. Defaults to the e-serviceId provided in the constructor.
redirectEndpoint
Type: string
Optional alternative redirect endpoint. Defaults to the endpoint provided in the constructor.
Returns
Type: string
The URL to which the user should be redirected to log in to SingPass and consent to providing the given attributes.
getAccessToken
.getAccessToken(authCode)
authCode
Type: string
Authorisation code given by MyInfo in query parameters.
Returns
Type: string
The access token which can be used to call the Person endpoint. This is a JSON web token containing the user's NRIC.
getPerson
.getPerson(accessToken, requestedAttributes, singpassEserviceId)
accessToken
Type: string
The access token retrieved from the Token endpoint using .getAccessToken
.
requestedAttributes
Type: MyInfoScope[]
Scopes to request from Myinfo. Should correspond to the scopes provided when initiating SingPass login.
singpassEserviceId
Type: string
Optional alternative e-service ID. Defaults to the e-serviceId provided in the constructor.
Returns
Type: Promise<IPersonResponse>
An object containing the NRIC/FIN of the user and the attributes retrieved from MyInfo.
extractUinFin
.extractUinFin(accessToken)
accessToken
Type: string
The access token retrieved from the Token endpoint using .getAccessToken
.
Returns
Type: string
The decoded UIN/FIN contained in the access token JWT. The access token signature is verified before the JWT is decoded.
Available Test accounts
See a list of available MyInfo test accounts here.
Contributing
We welcome contributions to code open-sourced by the Government Technology Agency of Singapore. All contributors will be asked to sign a Contributor License Agreement (CLA) in order to ensure that everybody is free to use their contributions.