@openintegrationhub/iam-utils
v1.7.3
Published
Utils and express middleware for OIH IAM service
Downloads
10
Keywords
Readme
iam-utils
Utils and middleware for OIH IAM service
This library provides an express middleware to validate the tokens issued by OIH IAM service (Heimdal).
Env variables
process.env
IAM_TOKEN
: Service-Account token which is authorized to introspect other tokensINTROSPECT_TYPE
:basic
oroidc
. Default: basicINTROSPECT_ENDPOINT_BASIC
: IAM endpoint for basic token introspectionINTROSPECT_ENDPOINT_OIDC
: IAM endpoint for OIDC token introspectionOIDC_CLIENT_ID
: Your client id for OIDCOIDC_CLIENT_SECRET_
: Your client secret for OIDC
Usage
You can either use the util method getUserData
or the express middleware
.
async getUserData({ token, introspectType? })
Returns Promise
This method accepts a token and returns a promise, which either resolves with the decoded object or is rejected with an error.
It introspects the token with a given introspectType
(or with default, if not set).
middleware(req, res, next)
You can plug this express middleware into your application logic/router. It will check for an authorization
header containing the Bearer
token and call the getUserData
method internally.
The successfully decoded payload will be saved in req.user
object, e.g.:
{
"sub": "5b16927286b7f569feb1fae4",
"username": "[email protected]",
"role": "USER",
"memberships": [],
"permissions": []
}