🚀 Socket Launch Week Day 5:Introducing Repository Access Permissions and Custom Roles.Learn more
Sign In

@nrk/pin-delta-auth-dev

Package Overview
Dependencies
Maintainers
197
Versions
42
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@nrk/pin-delta-auth-dev

Development plugin providing OIDC authentication for local testing

latest
npmnpm
Version
0.23.0
Version published
Maintainers
197
Created
Source

@nrk/pin-delta-auth-dev

Development plugin providing OIDC authentication for testing @nrk/pin-delta-auth locally.

Installation

npm install -D @nrk/pin-delta-auth-dev

Vite Plugin Usage

// vite.config.ts
import { pinAuth } from '@nrk/pin-delta-auth-dev/vite';
import { defineConfig } from 'vite';

export default defineConfig({
  plugins: [
    pinAuth({
      issuer: 'https://preprod-innlogging.nrk.no',
      clientId: 'your-client-id',
      clientSecret: 'your-client-secret',
      serverOrigin: 'http://localhost:3000', // optional, auto-detected
    }),
  ],
  server: {
    port: 3000,
  },
});

Connect/Express Middleware

// server.js
import express from 'express';
import pinAuth from '@nrk/pin-delta-auth-dev/connect';

const app = express();

app.use(
  '/_auth',
  pinAuth({
    issuer: 'https://preprod-innlogging.nrk.no',
    clientId: 'your-client-id',
    clientSecret: 'your-client-secret',
    serverOrigin: 'http://localhost:3000',
  })
);

app.listen(3000);

Features

  • Test Users: Pre-configured test users at /_auth/login, overridable via testUsers
  • Profile Switching: Multi-identity support for testing child profiles
  • Token Refresh: Full OIDC token refresh flow
  • Session Cookies: Mimics production cookie behavior

Overriding test users

Both plugins accept an optional testUsers map keyed by the button label shown on /_auth/login. Each entry carries the email and password to send in the password-grant request, so the accounts must already exist in your OIDC issuer with matching credentials.

pinAuth({
  issuer: 'https://preprod-innlogging.nrk.no',
  clientId: 'your-client-id',
  clientSecret: 'your-client-secret',
  testUsers: {
    alice: { email: 'alice@test.example.no', password: 'AlicePass!' },
    bob: { email: 'bob@test.example.no', password: 'BobPass!' },
  },
});

Endpoints Provided

  • /_auth/login - Login page with test users
  • /_auth/logout - Logout and clear session
  • /_auth/session - Session info endpoint (used by browser client)
  • /_auth/goto?page=profile - Profile management

Configuration

// Vite plugin - serverOrigin is optional (auto-detected from Vite server config)
interface ViteOptions {
  issuer: string; // OIDC issuer URL
  clientId: string; // OIDC client ID
  clientSecret: string; // OIDC client secret
  serverOrigin?: string; // Your app URL (auto-detected)
  testUsers?: Record<string, { email: string; password: string }>; // Override login-page users (label -> credentials)
}

// Connect middleware - serverOrigin is required
interface ConnectOptions {
  issuer: string; // OIDC issuer URL
  clientId: string; // OIDC client ID
  clientSecret: string; // OIDC client secret
  serverOrigin: string; // Your app URL
  testUsers?: Record<string, { email: string; password: string }>; // Override login-page users (label -> credentials)
}

Keywords

oidc
authentication
vite
connect
development
nrk

FAQs

Package last updated on 04 Jun 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

The Code You Didn't Write Is Still Yours to Defend

Security News

The Code You Didn't Write Is Still Yours to Defend

AI agents are pulling packages into environments no scanner is watching, creating exposure before security teams can see it.

By Brad Arkin  -  Jun 23, 2026