@ovotech/pol-auth-axios
v0.1.1
Published
Keycloak Auth
Downloads
1,523
Maintainers
Keywords
Readme
Pol Axios Auth
Retrieve access tokens for pol oauth. Respect access token and refresh token expiry.
Usage
import { authenticate } from "@ovotech/pol-auth-axios";
const tokens1 = await authenticate({
authUrl: "http://auth/authentication/v1.0.0/oauth/token",
clientId: "...",
clientSecret: "...",
});
// { accessToken: '...', accessTokenExpires: 1553068047 }
console.log(tokens1);
// ... some time passes
const tokens2 = await authenticate({
authUrl: "http://auth/authentication/v1.0.0/oauth/token",
clientId: "...",
clientSecret: "...",
audience: "DirectCredits",
previous: auth,
});
After the initial call, doing another authenticate
with a previous
argument would either - return the same response, if the authToken is still valid or expired, generate a new authToken.
By default it would give you a leeway of 10 seconds for the expiry checks, so auth and refresh tokens are expired 10 seconds earlier. You can configure this with the margin
argument
const auth1 = await authenticate({
authUrl: "http://auth/authentication/v1.0.0/oauth/token",
clientId: "...",
clientSecret: "...",
audience: "DirectCredits",
// consider tokens expired 15 seconds earlier
margin: 15,
});
Usage with a class
If you want to encapsulate the state of the tokens inside of a class object, you can use the PolAuth
class:
import { PolAuth } from "@ovotech/pol-auth-axios";
const auth = new PolAuth({
authUrl: "http://auth/authentication/v1.0.0/oauth/token",
clientId: "...",
clientSecret: "...",
audience: "DirectCredits",
});
const tokens1 = await auth.authenticate();
// ... sometime passes
const tokens2 = await auth.authenticate();
Usage with axios
You can use the axios interceptor to add a bearer auth token to the requests automatically.
import axios from "axios";
import { polAuthAxios } from "@ovotech/pol-auth-axios";
const api = axios.create({ baseURL: "http://service.example.com" });
const auth = polAuthAxios({
authUrl: "http://auth/authentication/v1.0.0/oauth/token",
clientId: "...",
clientSecret: "...",
audience: "DirectCredits",
});
api.interceptors.request.use(auth);
// Would be called with Authorization: Bearer <authToken>
const response = await api.get("/test");
Error handling
If there is an api error, you'll get an PolAuthError
import { authenticate, PolAuthError } from "@ovotech/pol-auth-axios";
try {
const tokens1 = await authenticate({
authUrl: "http://auth/authentication/v1.0.0/oauth/token",
clientId: "...",
clientSecret: "...",
audience: "DirectCredits",
});
} catch (error) {
if (error instanceof PolAuthError) {
console.log(error.message, error.code, error.errors);
}
}
Low level usage
You can also call the login
functions directly, to get the raw server responses.
import { login, refresh } from "@ovotech/pol-auth-axios";
const tokens1 = await login({
authUrl: "http://auth/authentication/v1.0.0/oauth/token",
clientId: "...",
clientSecret: "...",
audience: "DirectCredits",
});
Running the tests
Then you can run the tests with:
yarn test
Coding style (linting, etc) tests
Style is maintained with prettier and tslint
yarn lint
Deployment
Deployment is performed by lerna automatically on merge / push to master, but you'll need to bump the package version numbers yourself. Only updated packages with newer versions will be pushed to the npm registry.
Contributing
Have a bug? File an issue with a simple example that reproduces this so we can take a look & confirm.
Want to make a change? Submit a PR, explain why it's useful, and make sure you've updated the docs (this file) and the tests (see test folder).
License
This project is licensed under Apache 2 - see the LICENSE file for details