npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@tavexit/nemid

v1.0.11

Published

Node.js module for NemID authentication and signing

Downloads

6

Readme

nemid

Conventional Commits

Node.js module for NemID authentication and signing

Install

npm install @tavexit/nemid

Usage

Server:

const { NemID } = require('@tavexit/nemid')
const fs = require('fs')
const path = require('path')
const crypto = require('crypto')

// Example origin
const ORIGIN = 'https://localhost:8080'

// Paths to keys and certificates
const cert = path.join(__dirname, 'cert.der')
const key = path.join(__dirname, 'key.pem')
const issuer = path.join(__dirname, 'issuer.der')

const nemid = new NemID({
  clientKey: crypto.createPrivateKey({
    key: fs.readFileSync(key),
    format: 'pem',
    type: 'pkcs1'
  }),
  clientCert: fs.readFileSync(cert),
  serverCA: fs.readFileSync(issuer)
})

server.get('/authenticate', (req, res) => {
  return res.send(nemid.authenticate({ origin: ORIGIN }))
})

server.post('/authenticate/verify', (req, res) => {
  const response = req.body

  nemid.verifyAuthenticate(response)
    .then((userInfo) => {
      if (userInfo === false) {
        return res.send({ success: false })
      }

      // Can do stuff with userInfo now
      console.log(userInfo.serialNumber) // contains the user PID

      return res.send({ success: true })
    })
    .catch((err) => {
      // err is a NemIDError
      // Log the cause of the error on the server somehow
      console.error(err)
      // And send a user message to the client
      return res.send(err.userMessage.da)
    })
  })
})

Client:

const { getNemIDAuthContext } = require('@tavexit/nemid')
const { data: parameters } = await get('http://localhost:8080/authenticate')

const context = getNemIDAuthContext(parameters)

document.body.appendChild(context.element)

const result = await context.done;

const { data: success } = await post('http://localhost:8080/authenticate/verify', result)

Server API

const nemid = new NemID({ spid, clientKey, clientCert, serverCA, env = NemID.TEST })

Create a new NemID instance. Takes 5 arguments:

  • spid is the Service Provider ID, provided by Nets at registration.
  • clientKey must be the client private key provided by Nets. See the section below for how to extract the key from the service provider bundle.
  • clientCert must be the client certificate, including intermediate certs. See the section below for how to extract this from the service provider bundle.
  • serverCA must be the Nets root certificate. This can be downloaded from NemIDs website.
  • env is an object of endpoints for the different environments. Comes with NemID.TEST and NemID.PROD built in.

const parameters = nemid.authenticate({ origin })

Create a new authentication attempt, by generating the appropriate parameters to be passed to the client side script.

const userInfo = await nemid.verifyAuthenticate(response)

Verify the response from the NemID applet. May throw an error if the result was malformed or an error code from NemID. Otherwise returns false for an invalid attempt or a object describing the authenticated user.

const valid = nemid.matchCPR(pid, cpr)

Verify whether pid and cpr refer to the same person.

Client API

import { getNemIDAuthContext } from '@noeignite/nemid`;

const context = getNemIDAuthContext(parameters, prod = false)

Initialise a new NemID authentication context with parameters from the Server API and which origin frame to load. Defaults to test (appletk.danid.dk). Returns a context containing { element, done }.

const iframeElm = context.element

HTMLIFrameElement that you can place in the DOM.

const result = await context.done

Wait for the authentication to be done. Rejects in case of unexpected failure or resolves when there's a reply from NemID (which might not be a successful auth).

Styling

The element can be targeted by the CSS class nemid-iframe. Below is the default styling from NemID:

.nemid-iframe {
  border: 0;
  width: 320px;
  height: 480px;
}

Working with .p12

To extract all certificates, and print them to stdout:

openssl pkcs12 -in bundle.p12 -nokeys

Find you company certificate, and copy -----BEGIN CERTIFICATE----- to -----END CERTIFICATE----- inclusive and paste into a new file, eg cert.pem. This file is now in PEM format, but Nets requires it to be in DER format. It can be converted with:

openssl x509 -inform pem -outform der -text -in cert.pem -out cert.der

The remaining certificates from the first command were part of the certificate chain and need to be placed in their own file. Start by copying the sections including the start and end markers to their own file, eg. issuer.pem. Then convert them to DER format with:

openssl x509 -inform pem -outform der -text -in issuer.pem -out issuer.der

To extract the private key:

openssl pkcs12 -in bundle.p12 -nocerts -nodes

And copy the output including the start and end markers -----BEGIN PRIVATE KEY----- and -----END PRIVATE KEY----- to key.pem. This file does not need to be converted to DER format.

Note -nodes removes the passphrase from the private key. If you want to keep this, remove the option and supply your passphrase to crypto.createPrivateKey

License

ISC