@ministryofjustice/hmpps-auth-clients
Advanced tools
Clients for authenticating and verifying tokens using the HMPPS Authentication estate
This package provides reusable clients for interacting with HMPPS Auth and the HMPPS Token Verification API. It abstracts the logic for:
This library is currently: ready to adopt.
Teams are encouraged to use this library. Please provide feedback via slack to the #typescript channel.
npm install hmpps-auth-clients
An example of using AuthenticationClient to retrieve a system token or a user token from HMPPS Auth:
import AuthenticationClient from 'hmpps-auth-clients/dist/AuthenticationClient'
import ConsoleLogger from 'bunyan' // Example logger; you can use your own
const authClient = new AuthenticationClient(
{
systemClientId: 'your-system-client-id',
systemClientSecret: 'your-system-client-secret',
...ApiConfig
},
logger,
)
// Get a system (anonymous) token
const systemToken = await authClient.getToken()
// Optionally, perform a system action on behalf of a user
const userToken = await authClient.getToken('some-user')
Use VerificationClient to verify tokens against the HMPPS Token Verification API:
import VerificationClient from 'hmpps-auth-clients/dist/VerificationClient'
import ConsoleLogger from 'bunyan'
const verificationClient = new VerificationClient(
{
enabled: true,
...ApiConfig
},
logger,
)
// If your request object has a user and token, you can verify it:
const isTokenValid = await verificationClient.verifyToken({
user: { username: 'some-user', token: 'jwt-token-here' },
})
Using RedisTokenStore to persist tokens in Redis (useful for distributed or scalable environments):
import { createClient } from 'redis'
import RedisTokenStore from 'hmpps-auth-clients/dist/tokenStores/RedisTokenStore'
// Create and connect a Redis client
const redisClient = createClient()
await redisClient.connect()
// Create the token store instance
const redisTokenStore = new RedisTokenStore(redisClient)
// Store and retrieve a token
await redisTokenStore.setToken('some-key', 'my-token', 3600) // 1 hour expiry
const token = await redisTokenStore.getToken('some-key') // 'my-token'
Using InMemoryTokenStore to store tokens in memory (suitable for local development):
import InMemoryTokenStore from 'hmpps-auth-clients/dist/tokenStores/InMemoryTokenStore'
const inMemoryStore = new InMemoryTokenStore()
await inMemoryStore.setToken('some-key', 'my-token', 3600)
const token = await inMemoryStore.getToken('some-key') // 'my-token'
This module uses rollup, to build:
npm run lint-fix && npm run build && npm run test
cd to this directory and then link this library: npm linknpm link @ministryofjustice/hmpps-auth-clientsFAQs
Clients for authenticating and verifying tokens using the HMPPS Authentication estate
We found that @ministryofjustice/hmpps-auth-clients demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Socket Firewall Enterprise is now available with flexible deployment, configurable policies, and expanded language support.
Security News
Open source dashboard CNAPulse tracks CVE Numbering Authorities’ publishing activity, highlighting trends and transparency across the CVE ecosystem.
Product
Detect malware, unsafe data flows, and license issues in GitHub Actions with Socket’s new workflow scanning support.