npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

astor

v0.1.5

Published

Astor is a command line development tool for token-based authentication.

Downloads

18

Readme

Astor

Astor is a command line development tool for token-based authentication systems. It allows you to issue JWT and SWT for testing and development. You can also store settings like issuers and user profile to easly combine them:

$ astor issue -issuer myissuer -profile [email protected] -audience http://relyingparty.com/

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9uYW1lI
joiTGVhbkIiLCJhdWQiOiJodHRwOi8vcmVseWluZ3BhcnR5LmNvbS8iLCJpc3MiOiJodHRwOi8vbXlpc3N1ZXIuY29tLyIsImlhdCI6MTM5NzM3NjU5MX0
.d6Cb0IQsltocjOtLsfXhjseLcZpcNIWnHeIv4bqrCv4

You can even store this combinations of issuer, profile, audience and other options with a friendly name to reuse on the future:

$ astor issue -s myCombinationName

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9uYW1lI
joiTGVhbkIiLCJhdWQiOiJodHRwOi8vcmVseWluZ3BhcnR5LmNvbS8iLCJpc3MiOiJodHRwOi8vbXlpc3N1ZXIuY29tLyIsImlhdCI6MTM5NzM3NjU5MX0
.d6Cb0IQsltocjOtLsfXhjseLcZpcNIWnHeIv4bqrCv4

Installation

$ npm install -g astor

Usage

$ astor --help

  Usage: astor [options] [command]

  Commands:

    issue                  Issues a token with the specified options.
    add-issuer             Add a new issuer to configuration.

  Options:

    -h, --help                     output usage information
    -V, --version                  output the version number
    -f, --format [format]          Specify token format. Supported formats: jwt (default) and swt.
    -i, --issuer [issuer]          Load [issuer] settings from configuration.
    -n, --issuerName [issuerName]  Specify issuer name.
    -l, --loadIssuerKey [file]     Specify issuer\'s key (public or private). Relative path to key file in PEM format.
    -k, --issuerKey [key]          Specify issuer\'s key (public or private).
    -a, --audience [audience]      Specify audience for the token.
    -s, --session [sessionName]    Load a previous saved options with name [sessionName] for configuration.
    -p, --profile [profile]        Load user profile with name [profile] from configuration.
    -e, --expiration [expiration]  Specify expiration in minutes for the token. Default is 60 minutes.
    -o, --output [output]          Saves output into a file with name [output].

Commands

issue

astor issue command allows you to issue tokens. You can specifiy all information required to issue the token using arguments or load options from configuration.

$ astor issue -issuer myissuer -profile [email protected] -audience http://relyingparty.com/

Basic Options:

  • -f, --format [format] (optional) Specifies token format. Supported formats are jwt and swt. If not specified it will use jwt as default.
  • -n, --issuerName [issuerName] (optional) Specifies issuer name if not loaded from configuration.
  • -k, --issuerKey [key] (optional) Specifies issuer key (string) if not loaded from configuration.
  • -l, --loadIssuerKey [file] (optional) Specifies issuer key file if not loaded from configuration.
  • -a, --audience [audienceUri] (optional) Specifies audience for the token, if not specified token will not have audience.
  • -e, --expiration [expiration] (optional) Specifies expiration in minutes for the token. Default is 60 minutes.
  • -o, --output [output] (optional) Saves output into a file with name [output].

Load from config options:

  • -i, --issuer [issuerName] (optional) Load issuer settings (name and privateKey) from configuration.
  • -p, --profile [profile] (optional) Load user profile from configuration.
  • -s, --session [session] (optional) Load the whole options: token format, issuer, user profile, audience and expiration, from configuration.

####Issue a JWT specifing issuer name, issuer key file and audience.

$ astor issue -n http://myissuer.com/ -l privateKey.key -a http://relyingparty.com/

Create user profile...
Here you have some common claimtypes, just in case:
- Name: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
- Email: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/email
- Name Identifier: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier
- User Principal: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn

claim type (empty for finish): http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
claim value: LeanB
claim type (empty for finish): http://schemas.xmlsoap.org/ws/2005/05/identity/claims/email
claim value: [email protected]

Would you like to save the profile? yes
Enter a name for saving the profile: [email protected]

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9uYW1lIjoi
TGVhbkIiLCJhdWQiOiJodHRwOi8vcmVseWluZ3BhcnR5LmNvbS8iLCJpc3MiOiJodHRwOi8vbXlpc3N1ZXIuY29tLyIsImlhdCI6MTM5NzM3NjU5MX0.
d6Cb0IQsltocjOtLsfXhjseLcZpcNIWnHeIv4bqrCv4

Would you like to save the session settings? yes
Enter session name: myissuer-jwt-leanb

####Issue a JWT, loading user profile from configuration.

If you don't use -p argument you will be prompt for creating user profile, you will also have the option of saving the profile in configuration for the future. In the previous example I'm saving user profile as [email protected] so next time I don't need to enter claim types and claim values manualy:

$ astor issue -n http://myissuer.com/ -l privateKey.key -p [email protected] -a http://relyingparty.com/

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9uYW1lIjoi
TGVhbkIiLCJhdWQiOiJodHRwOi8vcmVseWluZ3BhcnR5LmNvbS8iLCJpc3MiOiJodHRwOi8vbXlpc3N1ZXIuY29tLyIsImlhdCI6MTM5NzM3NjU5MX0.
d6Cb0IQsltocjOtLsfXhjseLcZpcNIWnHeIv4bqrCv4

Would you like to save the session settings? yes
Enter session name: [email protected]

You can also load issuer settings (name and privateKey) from configuration (use add-issuer command to save issuer configuration first):

Issue a JWT, loading issuer and user profile from configuration.

$ astor issue -i myissuer -p [email protected] -a http://relyingparty.com/ 

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9uYW1lIjoi
TGVhbkIiLCJhdWQiOiJodHRwOi8vcmVseWluZ3BhcnR5LmNvbS8iLCJpc3MiOiJodHRwOi8vbXlpc3N1ZXIuY29tLyIsImlhdCI6MTM5NzM3NjU5MX0.
d6Cb0IQsltocjOtLsfXhjseLcZpcNIWnHeIv4bqrCv4

Would you like to save the session settings? yes
Enter session name: [email protected]

####Issue a JWT, loading the whole settings from configuration

After each issue session you will be prompt for saving the session settings for the future, this will allow you to use the -s argument to load the whole settings next time:

$ astor issue -s [email protected]

add-issuer

astor add-issuer command allows you to store issuer information (name and private key) in configuration to use in future issue sessions using the -i argument.

$ astor add-issuer -n http://myissuer.com/ -k MIICDzCCAXygAwIBAgIQVWXAvbbQyI5BcFe0ssmeKTAJBg=
Enter a friendly name for the issuer (http://myissuer.com/): myissuer

Options:

  • -n, --issuerName [issuerName] (optional) Specifies issuer name if not loaded from configuration.
  • -k, --issuerKey [key] (optional) Specifies issuer key (string) if not loaded from configuration.
  • -l, --loadIssuerKey [file] (optional) Specifies issuer key file if not loaded from configuration.

####Add Issuer with key file

$ astor add-issuer -n http://myissuer.com/ -l privateKey.pem
Enter a friendly name for the issuer (http://myissuer.com/): myissuer

####Use added issuer on a issue session

$ astor issue -i myissuer -p [email protected] -a http://relyingparty.com/ 

Hack it!

Astor saves configuration in astor.config file, you will find the file in your home directory so you can add, remove or modify user profiles, issuers, and issue sessions very easy!

{
  "profiles": {
    "[email protected]": {
      "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name": "Leandro Boffi",
      "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/email": "[email protected]"
    },
    "[email protected]": {
      "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name": "John Smith",
      "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/email": "John Smith",
      "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role": "Sales Manager",
    }
  },
  "issuers": {
    "contoso": {
      "name": "contoso",
      "privateKey": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwST\n-----END RSA PRIVATE KEY-----\n"
    },
    "myissuer": {
      "name": "http://myissuer.com/",
      "privateKey": "MIICDzCCAXygAwIBAgIQVWXAvbbQyI5BcFe0ssmeKTAJBg="
    }
  }
}

Supported Token Formats

Astor supports different token formats:

Next Steps

  • Add token validate
  • Add token request flows
  • Add SAML token formats

License

MIT