@allthings/sdk - npm Package Compare versions

Comparing version 1.2.1 to 2.0.0

dist/src/rest/request.d.ts

 /// <reference types="node" />
+import { ITokenStore, TokenRequester } from '../oauth/types';
 import { IAllthingsRestClientOptions } from './types';
@@ -26,4 +27,4 @@ interface IFormOptions {
 export declare function responseWasSuccessful(response: Response): boolean;
-export declare function makeApiRequest(options: IAllthingsRestClientOptions, httpMethod: HttpVerb, apiUrl: string, apiMethod: string, accessToken: string, payload?: IRequestOptions): (previousResult: any, iteration: number) => Promise<Response>;
-export default function request(options: IAllthingsRestClientOptions, httpMethod: HttpVerb, apiMethod: string, payload?: IRequestOptions): RequestResult;
+export declare function makeApiRequest(oauthTokenStore: ITokenStore, oauthTokenRequester: TokenRequester, options: IAllthingsRestClientOptions, httpMethod: HttpVerb, apiMethod: string, payload?: IRequestOptions): (previousResult: any, iteration: number) => Promise<Response>;
+export default function request(oauthTokenStore: ITokenStore, oauthTokenRequester: TokenRequester, options: IAllthingsRestClientOptions, httpMethod: HttpVerb, apiMethod: string, payload?: IRequestOptions): RequestResult;
 export {};

dist/src/rest/types.d.ts

@@ -0,1 +1,2 @@
+import { TokenRequester } from '../oauth/types';
 import { MethodHttpDelete } from './delete';
@@ -60,2 +61,3 @@ import { MethodHttpGet } from './get';
     readonly apiUrl: string;
+    readonly authorizationCode?: string;
     readonly accessToken?: string;
@@ -67,2 +69,3 @@ readonly clientId?: string;
     readonly redirectUri?: string;
+    readonly refreshToken?: string | undefined;
     readonly requestBackOffInterval: number;
@@ -73,3 +76,13 @@ readonly requestMaxRetries: number;
     readonly username?: string;
+    readonly implicit?: boolean;
+    readonly authorizationRedirect?: (url: string) => any;
 }
+export interface IClientExposedOAuth {
+    readonly authorizationCode: {
+        readonly getUri: (state?: string) => string;
+        readonly requestToken: (authorizationCode?: string) => ReturnType<TokenRequester>;
+    };
+    readonly refreshToken: (refreshToken?: string) => ReturnType<TokenRequester>;
+    readonly generateState: () => string;
+}
 export interface IAllthingsRestClient {
@@ -81,2 +94,3 @@ readonly options: Required<IAllthingsRestClientOptions>;
     readonly patch: MethodHttpPatch;
+    readonly oauth: IClientExposedOAuth;
     readonly agentCreate: MethodAgentCreate;
@@ -83,0 +97,0 @@ readonly agentCreatePermissions: MethodAgentCreatePermissions;

package.json

 {
   "name": "@allthings/sdk",
-  "version": "1.2.1",
+  "version": "2.0.0",
   "description": "",
@@ -57,3 +57,4 @@ "author": "Allthings GmbH",
     "serve": "npx serve -l 3333",
-    "test:implicit-flow": "open http://localhost:3333/test/fixtures/implicit-flow?clientId=$ALLTHINGS_OAUTH_CLIENT_ID"
+    "test:implicit-flow": "open http://localhost:3333/test/fixtures/implicit-flow?clientId=$ALLTHINGS_OAUTH_CLIENT_ID",
+    "test:authorization-code": "open http://localhost:3333/test/fixtures/authorization-code?clientId=$ALLTHINGS_OAUTH_CLIENT_ID&clientSecret=$ALLTHINGS_OAUTH_CLIENT_SECRET"
   },
@@ -63,3 +64,2 @@ "dependencies": {
     "cross-fetch": "3.0.4",
-    "mem": "4.3.0",
     "query-string": "6.8.1"
@@ -73,8 +73,7 @@ },
     "@types/jest": "24.0.15",
-    "@types/mem": "1.1.2",
     "@types/nanoid": "1.2.1",
-    "@types/node": "10.14.10",
+    "@types/node": "10.14.12",
     "@types/query-string": "6.2.0",
     "coveralls": "3.0.4",
-    "form-data": "2.4.0",
+    "form-data": "2.5.0",
     "husky": "1.3.1",
@@ -87,3 +86,3 @@ "jest": "24.8.0",
     "rimraf": "2.6.3",
-    "rollup": "1.16.4",
+    "rollup": "1.16.6",
     "rollup-plugin-commonjs": "9.3.4",
@@ -90,0 +89,0 @@ "rollup-plugin-hashbang": "2.2.2",

README.md

@@ -13,2 +13,3 @@ Allthings Node/Javascript SDK
 1.  [OAuth Implicit Grant Example](#oauth-implicit-grant-example-example)
+1.  [OAuth Authorization Code Grant Example](#oauth-authorization-code-grant-example)
 1.  [Release management & versioning](#release-management--versioning)
@@ -89,2 +90,42 @@
 
+## OAuth Authorization Code Grant Example
+
+1. Initialize instance of `client`:
+```javascript
+const allthings = require('@allthings/sdk')
+
+const client = allthings.restClient({
+  clientId: '5d038ef2441f4de574005c54_example',
+  clientSecret: '40f63f981ff082dbc8d273983ac3852c2e51e90856123156',
+  redirectUri: 'https://example-app.com/callback'
+})
+```
+
+2. Construct a URI to send authorization request to using a `state` which should be unique per request and hard to guess. It can be generated with `client.oauth.generateState()` method:
+```javascript
+const state = client.oauth.generateState()
+const authorizationUri = client.oauth.authorizationCode.getUri(state)
+```
+
+3. Direct user's browser to the constructed URI.
+
+4. When user completes authentication process, he is redirected to the `redirectUri` having `code` and `state` query string arguments, e.g.:
+```
+https://example-app.com/callback?code=ebc110bee11b2829&state=k1bt3c1d0vnfu7qk
+```
+
+At this point `state` must be validated - if it doesn't match the one generated on step 2, such request is probably malicious and should be aborted.
+
+5. Use the code extracted from query parameters on the previous step to obtain an access token:
+
+```javascript
+await client.oauth.authorizationCode.requestToken(code)
+```
+
+6. Client is ready to make API requests:
+
+```javascript
+const user = await client.getCurrentUser()
+```
+
 ## API
@@ -91,0 +132,0 @@

No alert changes

Improved metrics

Total package byte prevSize

854946

increased by3.49%

Dependency count

3

decreased by-25%

Dev dependency count

28

decreased by-3.45%

Number of package files

71

increased by31.48%

Lines of code

36321

increased by1.72%

Number of lines in readme file

421

increased by10.79%

Dependency changes

• - Removedmem@4.3.0

• - Removedmap-age-cleaner@0.1.3(transitive)

• - Removedmem@4.3.0(transitive)

• - Removedmimic-fn@2.1.0(transitive)

• - Removedp-defer@1.0.0(transitive)

• - Removedp-is-promise@2.1.0(transitive)