b2trader.identity.auth

v1.2.0

Published

This library implements authorization in B2Trader via IdentityServer.

Downloads

26

Readme

b2trader.identity.auth

Description

Use this library to introduce authorization via IdentityServer for B2Trader.

How to use

Install the library

First, install the library using npm:

npm i b2trader.identity.auth

Sign in

Next, create an instance of the IdentityAuth class with the following arguments:

  • the URL of IdentityServer
  • the client ID (spa or spa_admin)
  • a client secret, which is needed only if the client is spa_admin

| name              | type                                                                    | is required                                          |
| ----------------- | ----------------------------------------------------------------------- | ---------------------------------------------------- |
| identityServerUrl | string                                                                  | required                                             |
| clientId          | 'spa' or 'spa_admin'; 'core_ib' or 'lk' for machine-to-machine sign-in  | required                                             |
| clientSecret      | string                                                                  | required when clientId is spa_admin, core_ib or lk   |

After this, proceed as follows:

To sign in via IdentityServer, you need to send several requests in a certain order.

  1. Call signIn(email, password) and provide the user email and password as arguments.

    Here is an example of a successful response:

    {
      "secondFactorRequired": false,
      "account": {
        "nickname": "someNickname",
        "email": "[email protected]",
        "id": "10e3bfcf-56f7-421d-84ea-1700209ae121"
      }
    }

    Here is a sample response to an incorrect email or password:

    {
      "errors": [
        {
          "code": "SignInUnsuccessful",
          "message": "The sign-in was unsuccessful"
        }
      ]
    }

  2. Call authorize() to get the authorization code.

    In response to this request, a redirect message is sent.

    If the provided data is correct, you are redirected to:

    https://example.com/sign-in-done?code=ebd6574c9a734ec47b375dbfff951964a8935e0e9690a00be80b54a3d7ff48b2&scope=openid%20profile%20FrontOffice%20BackOffice%20offline_access&state=f27332fa-4e7a-4a82-a586-00e58ec63333&session_state=QjgS-hVe-y9rdqjIKxHyf4Jp9iT8uFxIijYsnHuRIoU.1a16e4bc02f924a173a684122e41c5ce

    If some of the provided data is incorrect, you are redirected to:

    https://example.com/identity/unauthorized

  3. Call retrieveToken(authorize_code) to obtain data with tokens.

    Here is a sample response you get upon specifying a correct authorize_code:

    {
      "id_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NTU1MDE4MjQsImV4cCI6M....",
      "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE2NTU1MDE4MjQsImV4c....",
      "expires_in": 60,
      "token_type": "Bearer",
      "refresh_token": "d1176eb2c6543c476c7594ef236097543c16ef8c5d288016d296c4ff88f58755",
      "scope": "openid FrontOffice offline_access"
    }

    If something is wrong or the code is incorrect, you get an Unauthorized-type response:

    {
      "type": "https://tools.ietf.org/html/rfc7235#section-3.1",
      "title": "Unauthorized",
      "status": 401,
      "traceId": "00-f6213a0fd91d5a4a34416e6888533e62-eef840f862681e70-00"
    }

Once you have the tokens, you can use access_token to access FrontOffice and/or BackOffice.

To do so, include access_token in the request headers: Authorization: Bearer access_token

Refresh the token

By default, access_token for spa and spa_admin users is valid for 30 seconds. When the time period in seconds specified for the expires_in parameter (in a retrieveToken or refreshToken request) expires, the token must be refreshed to continue sending requests.

To refresh the token, call refreshToken(refreshToken: string) with the latest refresh token specified as a parameter. The same refresh_token can only be used once.

Sign out

To revoke tokens and sign out, call the signOut(accessToken: string, refreshToken?: string) method.

If the refresh_token parameter is not specified, all the refresh tokens issued are revoked for credentials matching the current user/clientId combination.

Once logged out, the access_token remains valid until it expires (for spa users, in 30 seconds by default). To stop it from being used on the client in the meantime, it must be removed from the local storage on the client side.
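An added example, not part of the library or its README: since a refresh_token can be used only once and the access_token is short-lived, concurrent requests have to share a single refresh call, and sign-out has to drop the local copies. The names TokenSession and skewMs, the in-memory storage, and the assumption that refreshToken() resolves to the same fields as retrieveToken() belong to this example only.

```javascript
// Added example, not the library's code; `auth` exposes refreshToken()/signOut().
class TokenSession {
  constructor(auth, tokenData, { now = Date.now, skewMs = 5000 } = {}) {
    this.auth = auth;
    this.now = now;        // injectable clock
    this.skewMs = skewMs;  // refresh this long before expiry (assumed value)
    this.inflight = null;  // the single refresh in progress, if any
    this.store(tokenData);
  }

  // Assumed response fields; the rotated refresh_token replaces the spent one.
  store({ access_token, refresh_token, expires_in }) {
    this.tokens = { access_token, refresh_token };
    this.expiresAt = this.now() + expires_in * 1000;
  }

  needsRefresh() {
    return this.now() >= this.expiresAt - this.skewMs;
  }

  // Concurrent callers receive the same promise, so one refresh_token is
  // submitted once even when several requests notice the expiry together.
  getAccessToken() {
    if (!this.tokens) return Promise.reject(new Error('signed out'));
    if (!this.needsRefresh()) return Promise.resolve(this.tokens.access_token);
    if (!this.inflight) {
      const spent = this.tokens.refresh_token;
      this.inflight = new Promise((resolve) => resolve(this.auth.refreshToken(spent)))
        .then((data) => { this.store(data); return data.access_token; })
        .finally(() => { this.inflight = null; });
    }
    return this.inflight;
  }

  async authHeader() {
    return { Authorization: `Bearer ${await this.getAccessToken()}` };
  }

  // Let any refresh settle so the current refresh_token is the one revoked,
  // then drop the local copies before asking the server to revoke.
  async signOut() {
    if (this.inflight) await this.inflight.catch(() => {});
    if (!this.tokens) return;
    const { access_token, refresh_token } = this.tokens;
    this.tokens = null;
    this.expiresAt = 0;
    await this.auth.signOut(access_token, refresh_token);
  }
}
```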

Sign In (machine-to-machine - not for browsers)

To sign in using IdentityServer by following a machine-to-machine authorization flow, create an instance of the IdentityAuth class with custom parameters:

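import {IdentityAuth} from 'b2trader.identity.auth';

const b2TraderApiUrl = 'https://example.com';
// core_ib and lk require a client secret; this flow runs server-side, not in a browser.
const identityAuthMachineToMachine = new IdentityAuth(b2TraderApiUrl, 'core_ib', 'some_core_ib_secret');
const authResponse = await identityAuthMachineToMachine.machineToMachineSignIn('[email protected]', 'pass');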

Use the following combinations of credentials to enable the machine-to-machine flow:

  • clientId = lk, clientSecret = some_lk_secret
  • clientId = core_ib, clientSecret = some_core_ib_secret

Examples

Browser, clientId = spa

import {IdentityAuth} from 'b2trader.identity.auth';

const b2TraderApiUrl = 'https://example.com';
const identityAuth = new IdentityAuth(b2TraderApiUrl, 'spa');

const signInResponse = await identityAuth.signIn('login', 'password');
const authorizeCode = await identityAuth.authorize();
const tokenData = await identityAuth.retrieveToken(authorizeCode);

Browser, clientId = spa_admin

import {IdentityAuth} from 'b2trader.identity.auth';

const b2TraderApiUrl = 'https://example.com';
// A client secret embedded in browser code is readable by anyone who loads the page.
const identityAuth = new IdentityAuth(b2TraderApiUrl, 'spa_admin', 'client_secret_admin');

const signInResponse = await identityAuth.signIn('login', 'password');
const authorizeCode = await identityAuth.authorize();
const tokenData = await identityAuth.retrieveToken(authorizeCode);

NodeJS

const identity = require('b2trader.identity.auth');

const b2TraderApiUrl = 'https://example.com';
const identityAuth = new identity.IdentityAuth(b2TraderApiUrl, 'spa');

identityAuth
  .signIn('[email protected]', 'pass')
  .then(response => response.headers.get('set-cookie'))
  .then(cookies => identityAuth.authorize({Cookie: cookies}))
  .then(code => identityAuth.retrieveToken(code))
  .then(authData => {
    /* some code with authorized user */
  });

License

(BSD) The b2trader.identity.auth is licensed under a permissive 3-clause BSD license. Contributions must be made under the same license.