Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@labshare/services-auth

Package Overview
Dependencies
Maintainers
16
Versions
54
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@labshare/services-auth

LabShare Services plugin for resource scope-based HTTP route and socket authorization

  • 2.1.5
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
0
Maintainers
16
Weekly downloads
 
Created
Source

semantic-release Greenkeeper badge Coverage Status codecov

Services Auth

@labshare/services-auth is an Express.js middleware plugin that integrates with Express.js APIs to provide API Resource Scope authorization with RS256 JWT validation.

Install

npm i @labshare/services-auth --save

Options

  • authUrl (String) - The base URL for a remote LabShare Auth service. Example: https://a.labshare.org/_api. Required if secretProvider is not specified.
  • tenant (String) - The LabShare Auth Tenant ID the API service is registered to. Required if secretProvider is not specified.
  • audience (String) - An optional API service identifier used for JWT audience validation. This is the identifier of an API service (OAuth Resource Server) registered to the LabShare Auth system.
  • issuer (String) - Optional value for validating the JWT issuer (the iss claim).
  • secretProvider (Function) - An optional, custom function for obtaining the signing certificate for RS256. The signature is (req, header: {alg: string}, payload, cb: (error: Error, signingCert: string) => void): void.

Usage

LabShare Services

This example demonstrates scope-based authorization for an HTTP API module using @labshare/services to load the route definition. With the configuration below, only JWTs containing an audience of https://my.api.identifier/resource and a read:users scope would be allowed to access the API route. Additionally, the JWT would be validated against the JSON Web Key Set of the specified LabShare Auth Tenant.

// api/users.js

module.exports = {
    routes: [
        {
            path: '/users',
            httpMethod: 'GET',
            middleware: getUsers,
            scope: [
                'read:users'
            ]
        }
    ]
}
// index.js

const {Services} = require('@labshare/services');
const servicesAuth = require('@labshare/services-auth');

const services = new Services(/* options */);

// Adds scope-based route authentication and authorization to LabShare Service routes and sockets
services.config(servicesAuth({
    authUrl: 'https://ls.auth.io/_api',
    audience: 'https://my.api.identifier/resource',
    issuer: 'LabShare Auth',
    tenant: 'my-tenant'
}));

services.start();

Express.js

The @labshare/services-auth module exports generic Express.js middleware for route authentication.

// index.js

const app = require('express')();
const servicesAuth = require('@labshare/services-auth');

// Adds route authentication to the Express.js routes
app.use('/protected/*', servicesAuth.express({
    authUrl: 'https://ls.auth.io/_api',
    audience: 'https://my.api.identifier/resource',
    issuer: 'LabShare Auth',
    tenant: 'my-tenant'
}));

app.listen(3000);

Development

  1. Install Node.js >= 8.11.2
  2. npm i

Tests

npm test

Keywords

FAQs

Package last updated on 20 Feb 2020

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc