Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
@cognite/auth-wrapper
Advanced tools
Readme
This package is deprecated due to low usage. We instead recommend to use SDK for your auth provider, like the msal package for Microsoft Azure AD.
The @cognite/auth-wrapper
is an OpenID Connect/OAuth 2.0 Wrapper library written in js that provides a convenient way to retrieve access token from any IdP that meets the openid pattern. You can use on client-side or server-side with JavaScript applications.
There are some guides to help you to start using any of our available authentication methods. The guides are at authentication.md.
There are small bare-bones typescript projects in the samples/
directory.
They show how to include to retrieve a token with cognite Auth Wrapper by different methods.
The samples' README.md has instructions for running the samples.
E.g: Client Credentials
import { CogniteAuthWrapper } from '@cognite/auth-wrapper';
const token = await CogniteAuthWrapper.load(
'client_credentials',
{
authority: 'your_authority',
client_id: 'your_client_id',
grant_type: 'your_grant_type',
client_secret: 'your_client_secret',
scope: 'your_scope'
}
).login();
Contributions welcome! For details about commiting changes, automated versioning and releases, see Contributing.
This repo contains some integration tests that require some IdP credentials to run. You can use your own IdP credentials, talk to any of the contributors or leave an issue and it'll get sorted. Github Actions will run the test and has its own api key.
Run tests:
npm install
npm test
We use jest
to run tests, see their documentation for more information.
Wondering about upcoming or previous changes to the auth-wrapper? Take a look at the CHANGELOG.
The libraries follow Semantic Versioning. Package versions are updated automatically and individually based on commit messages.
FAQs
⛔️ DEPRECATED - A OpenID Connect/OAuth 2.0 auth wrapper.
We found that @cognite/auth-wrapper demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.