node-red-contrib-auth-idaas-oidc
v0.0.5
Published
A OIDC authentication plugin for Node-RED
Downloads
2
Maintainers
hammoajReadme
Node-RED Authentication with OIDC
Node-RED plugin for authenticating users with OIDC.
This modules lets you restrict access to the Node-RED editor to specific OIDC users.
Note: this requires Node-RED 0.17 or later
Install
In your Node-RED user directory, typically ~/.node-red:
$ npm install node-red/node-red-auth-oidcUsage
Register a new OIDC application
To enable access control with OIDC, you must first a new application with your OIDC
provider. You will need to register a callback URL with your OIDC provider, this will
be the baseURL with /auth/strategy/callback appended.
Once created, you will be provided a Client ID and Client Secret that you will need to use to configure the authentication plugin. You will also need the authorization URL, the token URL and the issuer id.
You will also need to download the appropriate certificate file and put it in the NODE_RED_HOME directory.
Configure adminAuth
Access control for the Node-RED editor is configured in your settings.js file
using the adminAuth property.
adminAuth: require('node-red-auth-oidc')({
clientID: OIDC_CLIENT_ID,
clientSecret: OIDC_CLIENT_SECRET,
authorizationURL: 'https://SSOURL/authorize',
tokenURL: 'https://SSOURL/token',
issuer: 'https://SSOURL/isam',
baseURL: "http://localhost:1880/",
cert_path = ['/PATH_TO_CERT.cer'],
users: [
{ username: "[email protected]",permissions: ["*"]}
]
})The baseURL property is the URL used to access the Node-RED editor.
The users property is the list of OIDC users who are allowed to access the
editor. It is the same as used by adminAuth as described in the security documentation, but without the password property.
A default user can be specified by adding a default property to the options object:
users: [
...
],
default: {
permissions: "read"
}Copyright and license
Copyright JS Foundation and other contributors, http://js.foundation under the Apache 2.0 license.