npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

oauth2-api-azure

v0.1.7

Published

A node OAuth2 API on Azure Authentication and Authorization Role-Base-Access-Control (RBAC) wrapper providing support for OAuth2 token-based authentication and RBAC authorization scenarios.

Downloads

10

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

dannygardannygar

Keywords

OAuthoauth2azureapiwebtypescriptbearerauthenticationauthorization

Readme

Find it on GitHub

A node OAuth2 API on Azure Authentication and Authorization Role-Base-Access-Control (RBAC) wrapper providing support for OAuth2 token-based authentication and RBAC authorization scenarios for typescript.

Build Status

import * as oauth from "oauth2-api-azure";
import * as authMiddleware from "oauth2-api-azure.middleware";
import express from "express";
import session from "express-session";

let app = express();
app.use(session());

// load auth settings
const authSettings: IAuthSettings { ... }
const passportAuthOptions: IPassportOptions { ... }

// init auth params
oauth.authInit(authSettings, validateUserRoleCallback);

// init auth middleware
const authMiddleware = new authentication.OAuthMiddleware(authSettings,passportAuthOptions, apiHostname, baseApiUrl);

// add Auth routes
app = authMiddleware.setAppHandler(app);

app.get('/api/get',
    // here goes the Azure OAuth2 Middleware
    authMiddleware.authenticate(SecurityStrategies.BEARER),
    (req, res) => {
        res.send('Hello World');
});

app.listen(3000)

Installation

This is a Node.js module available through the npm registry.

Before installing, download and install Node.js. Node.js 0.10 or higher is required.

Installation is done using the npm install command:

$ npm install oauth2-api-azure

Before beginning, you must configure and register your Web API in your Azure AD subscription. It is also expected that you are a Global Admin on your Azure AD. Follow our Azure AD Configuration Guide for more details.

Then, use our sample projects with your Azure AD settings to run and test your secure Web API.

Features

  • Hides complexity of OAuth2 implementation
  • Focus on fast get started experience
  • Supports interactive (user sign-in) and non-interactive (bearing the JWT token) authentication flow scenarios
  • Test coverage
  • Proven on multiple customer engagements

Docs & Community

Examples

To view and run the examples, clone the OAuth2-api-azure repo and install the dependencies:

$ git clone https://github.com/Microsoft-Projects/oauth2-api-azure.git --depth 1
$ cd oauth2-api-node
$ npm install

First, you must configure each example, please make sure the .env file exists in each sample directory and contains the valid settings for the following environment variables:

  • TENANT_ID="d197a05e-...."
  • CLIENT_ID="3d95c..."
  • CLIENT_SECRET="LMJ#])?..."
  • RESOURCE_ID="0472a9...."
  • RBAC_GROUP="API Users" // only required for the authorization flow
  • PORT=3000

Authentication Example

To test the OAuth2 authentication scenario, go to the authentication sample folder. Make sure that you've completed the steps for Azure AD app registration shown in AzureADConfigurationGuide document. Create a .env file that should contain the environment variables for your Azure AD. Then install and run in the bash command line:

$ cd examples/authentication
$ npm install
$ npm start

You can test it from PostMan, Fiddler or any other UI where you could create the GET Http method and obtain the JWT token from Azure AD.

User Authorization (RBAC) Example

To test the Azure AD RBAC authorization scenario, go to the authorization sample folder. Make sure that you've completed the steps for Azure AD app registration shown in AzureADConfigurationGuide document. Create a .env file that should contain the environment variables for your Azure AD. Then install and run in the bash command line:

$ cd examples/authorization
$ npm install
$ npm start

You can run it any internet browser, by going into the address line and typing the following URL:

http://localhost:3000/api/hello/John (or any other name of your choice)

If you've configured correctly your Azure AD and provided the valid environment settings, and after signing into your Azure AD with your credentials, you should expect to get the following message back:

doc/assets/readmepic01.png

Otherwise, if your user isn't member of the AD group specified in the environment variables .env file, or cannot be authenticated with Azure AD, you should expect to get the following message back:

doc/assets/readmepic02.png

Tests

To run the test suite, first install the dependencies, then run npm test:

$ npm install
$ npm test

You can also constantly check for any changes to pass the test by running the following command:

$ npm run watch

License

MIT