node-red-contrib-auth-idaas-oidc
v0.0.5
Published
A OIDC authentication plugin for Node-RED
Downloads
3
Maintainers
Readme
Node-RED Authentication with OIDC
Node-RED plugin for authenticating users with OIDC.
This modules lets you restrict access to the Node-RED editor to specific OIDC users.
Note: this requires Node-RED 0.17 or later
Install
In your Node-RED user directory, typically ~/.node-red
:
$ npm install node-red/node-red-auth-oidc
Usage
Register a new OIDC application
To enable access control with OIDC, you must first a new application with your OIDC
provider. You will need to register a callback URL with your OIDC provider, this will
be the baseURL
with /auth/strategy/callback
appended.
Once created, you will be provided a Client ID and Client Secret that you will need to use to configure the authentication plugin. You will also need the authorization URL, the token URL and the issuer id.
You will also need to download the appropriate certificate file and put it in the NODE_RED_HOME directory.
Configure adminAuth
Access control for the Node-RED editor is configured in your settings.js
file
using the adminAuth
property.
adminAuth: require('node-red-auth-oidc')({
clientID: OIDC_CLIENT_ID,
clientSecret: OIDC_CLIENT_SECRET,
authorizationURL: 'https://SSOURL/authorize',
tokenURL: 'https://SSOURL/token',
issuer: 'https://SSOURL/isam',
baseURL: "http://localhost:1880/",
cert_path = ['/PATH_TO_CERT.cer'],
users: [
{ username: "[email protected]",permissions: ["*"]}
]
})
The baseURL
property is the URL used to access the Node-RED editor.
The users
property is the list of OIDC users who are allowed to access the
editor. It is the same as used by adminAuth
as described in the security documentation, but without the password
property.
A default user can be specified by adding a default
property to the options object:
users: [
...
],
default: {
permissions: "read"
}
Copyright and license
Copyright JS Foundation and other contributors, http://js.foundation under the Apache 2.0 license.