Security News
Supply Chain Attack Detected in Solana's web3.js Library
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
By Sarah Gooding - Dec 03, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@dbp-toolkit/auth
Advanced tools
Auth Web Components
You can install the components via npm:
npm i @dbp-toolkit/auth
Keycloak Component
Usage
<dbp-auth-keycloak url="https://auth.tugraz.at/auth" realm="tugraz" client-id="some-id"></dbp-auth-keycloak>
<script type="module" src="node_modules/@dbp-toolkit/auth/dist/dbp-auth.js"></script>
Attributes
lang(optional, default:de): set todeorenfor German or English- example
<dbp-auth-keycloak lang="de" </dbp-auth-keycloak>
- example
load-person(optional, default: off): if enabled the logged in user will also be loaded asPersonin thewindow.DBPPersonvariable- example
<dbp-auth-keycloak load-person></dbp-auth-keycloak>
- example
force-login(optional, default: off): if enabled a login will be forced, there never will be a login button- example
<dbp-auth-keycloak force-login></dbp-auth-keycloak>
- example
try-login(optional, default: off): if enabled the a login will happen if the user is already logged in and finishing the login process would not result in a page location change (reload/redirect).- example
<dbp-auth-keycloak try-login></dbp-auth-keycloak>
- example
Keycloak Specific Attributes
url(required): The base URL of the Keycloak serverrealm(required): The Keycloak realmclient-id(required): The Keycloak client to usesilent-check-sso-redirect-uri(optional): URI or path to a separate page for checking the login session in an iframe, see https://www.keycloak.org/docs/latest/securing_apps/#_javascript_adapterscope(optional): Space separated list of scopes to request. These scopes get added in addition to the default ones, assuming the scope is in the optional scopes list of the Keycloak client in use.
Events to listen to
dbp-auth-init: Keycloak init event - happens oncedbp-auth-person-init: Keycloak person init event - the person entity was loaded from the serverdbp-auth-keycloak-data-update: Keycloak data was updated - happens for example every time after a token refresh
Login Button
Usage
<dbp-login-button></dbp-login-button>
<script type="module" src="node_modules/@dbp-toolkit/auth/dist/dbp-auth.js"></script>
Local development
# get the source
git clone git@gitlab.tugraz.at:dbp/web-components/toolkit.git
cd toolkit/packages/auth
# install dependencies
yarn install
# constantly build dist/bundle.js and run a local web-server on port 8002
yarn run watch-local
# build local packages in dist directory
yarn run build
Jump to http://localhost:8002 and you should get a Single Sign On login page.
FAQs
Unknown package
The npm package @dbp-toolkit/auth receives a total of 2 weekly downloads. As such, @dbp-toolkit/auth popularity was classified as not popular.
We found that @dbp-toolkit/auth demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 27 Jan 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024