Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@ordergroove/auth
Advanced tools
@ordergroove/auth - npm Package Compare versions
Comparing version 2.3.2 to 2.3.3
@@ -6,2 +6,10 @@ # Change Log | ||
| ## [2.3.3](https://github.com/evasilchenko/demo/tree/master/packages/auth/compare/@ordergroove/auth@2.3.2...@ordergroove/auth@2.3.3) (2023-12-15) | ||
| **Note:** Version bump only for package @ordergroove/auth | ||
| ## [2.3.2](https://github.com/evasilchenko/demo/tree/master/packages/auth/compare/@ordergroove/auth@2.3.1...@ordergroove/auth@2.3.2) (2023-12-07) | ||
@@ -8,0 +16,0 @@ |
| // Karma configuration | ||
| // Generated on Mon Apr 01 2019 14:32:09 GMT-0400 (EDT) | ||
| module.exports = function(config) { | ||
| module.exports = function (config) { | ||
| config.set({ | ||
@@ -6,0 +6,0 @@ // frameworks to use |
| { | ||
| "name": "@ordergroove/auth", | ||
| "version": "2.3.2", | ||
| "version": "2.3.3", | ||
| "description": "", | ||
@@ -28,3 +28,3 @@ "main": "dist/auth.js", | ||
| "license": "ISC", | ||
| "gitHead": "521fa43f980842f76be9c12ab20ed6473ab905f7" | ||
| "gitHead": "0110539ccd5202a8c19a67fa44e4d924dd597e89" | ||
| } |
@@ -0,6 +1,6 @@ | ||
| # Ordergroove Authentication | ||
| # Ordergroove Authentication | ||
| Given a [merchant auth endpoint](#merchant-auth-endpoint) this function tries to resolve the current auth. | ||
| If **og_auth** is in cookie it returns it, otherwise it call the merchant auth endpoint detecting | ||
| if response is JSON or cookie set by response header and return it. | ||
| if response is JSON or cookie set by response header and return it. | ||
@@ -14,11 +14,12 @@ ## Install | ||
| ## Usage | ||
| ### Node or webpack environment | ||
| ### Node or webpack environment | ||
| ```js | ||
| import auth from '@ordergroove/auth'; | ||
| const auth_url = 'http://some-merchant.com/ordergroove-auth.json' | ||
| const auth_url = 'http://some-merchant.com/ordergroove-auth.json'; | ||
| auth.reoslveAuth(auth_url).then(auth => { | ||
| const { sig_field, ts, sig } = auth; | ||
| console.log(auth); | ||
| const { sig_field, ts, sig } = auth; | ||
| console.log(auth); | ||
| }); | ||
@@ -28,13 +29,14 @@ ``` | ||
| ### UMD | ||
| It's exposed as `OG.auth` namespace | ||
| ```html | ||
| <script src="dist/auth.js"></script> | ||
| <script src="dist/auth.js"></script> | ||
| <script> | ||
| OG.auth.resolveAuth() | ||
| const auth_url = 'http://some-merchant.com/ordergroove-auth.json' | ||
| OG.auth.reoslveAuth(auth_url).then(auth => | ||
| const { sig_field, ts, sig } = auth; | ||
| console.log(auth); | ||
| }); | ||
| OG.auth.resolveAuth() | ||
| const auth_url = 'http://some-merchant.com/ordergroove-auth.json' | ||
| OG.auth.reoslveAuth(auth_url).then(auth => | ||
| const { sig_field, ts, sig } = auth; | ||
| console.log(auth); | ||
| }); | ||
| </script> | ||
@@ -46,12 +48,17 @@ ``` | ||
| #### reoslveAuth(auth_url) | ||
| Returns a promise with auth information | ||
| ##### auth_url | ||
| Authentication endpoint in merchant site. See below how to integrate this endpoint. | ||
| ##### auth_url | ||
| Authentication endpoint in merchant site. See below how to integrate this endpoint. | ||
| <a name="merchant-auth-endpoint"></a> | ||
| ## Authentication endpoint | ||
| This section details how to create an authentication page for OrderGroove. Users are authenticated for the secure display of the My Subscriptions Interface and Impulse Upsell offers. | ||
| Ordergroove support 3 ways of authenticate. | ||
| - Json endpoint | ||
@@ -62,4 +69,5 @@ - Response cookie authentication | ||
| ### JSON endpoint authentication | ||
| Json endpoint also known as _ajax auth_ consists in merchant implementing a page that returns a JSON representation of signature. | ||
| Json endpoint also known as _ajax auth_ consists in merchant implementing a page that returns a JSON representation of signature. | ||
| Merchant will need to set up an GET endpoint that's only accessible over HTTPS. This endpoint should output the following as JSON: | ||
@@ -81,12 +89,13 @@ | ||
| The fields are defined as follows: | ||
| | | | | | ||
| |--|--|--| | ||
| |public_id | Merchant Public ID. OrderGroove's identifier of PetSupermarket in our system | 8e09fff4b05711e7b962bc764e106cf4 | | ||
| | timestamp | Current Unix epoch timestamp. This will be a 10-digit number. | 1516309285 | | ||
| | sig_field | Merchant User ID. The ID of the customer with which you are authenticating | 123456789 | | ||
| | sig | HMAC signature. Using the HMAC sha256 hash function, generate a signature. The function inputs are a string and your private OrderGroove hash key. This string should be the concatenation of the user ID and the timestamp, separated by a pipe character, e.g. 123456789\|1516309285. | J623tGQuq3fJKB0C4t1+JcBAWzQo7CI/tXc8aRIVB3w= | | ||
| | | | | | ||
| | --------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------- | | ||
| | public_id | Merchant Public ID. OrderGroove's identifier of PetSupermarket in our system | 8e09fff4b05711e7b962bc764e106cf4 | | ||
| | timestamp | Current Unix epoch timestamp. This will be a 10-digit number. | 1516309285 | | ||
| | sig_field | Merchant User ID. The ID of the customer with which you are authenticating | 123456789 | | ||
| | sig | HMAC signature. Using the HMAC sha256 hash function, generate a signature. The function inputs are a string and your private OrderGroove hash key. This string should be the concatenation of the user ID and the timestamp, separated by a pipe character, e.g. 123456789\|1516309285. | J623tGQuq3fJKB0C4t1+JcBAWzQo7CI/tXc8aRIVB3w= | | ||
| #### Example: | ||
| ```python | ||
| ```python | ||
| signature = hash_hmac("sha256", "<SIG_FIELD>|<TIMESTAMP>", "<HASH_KEY>"); | ||
@@ -103,5 +112,7 @@ ``` | ||
| #### Path to Authentication Page | ||
| Please provide the relative path of this page to OrderGroove. The path should be the same in all environments. | ||
| #### og_auth Cookie & Signature Creation | ||
| When the `og-auth` page loads, you should create a signature and set it as a "secure" cookie and not HTTP only. Please refer to the HMAC authentication instructions in the Security section below. | ||
@@ -124,2 +135,3 @@ | ||
| Here is an example of setting the cookie in PHP | ||
| ```php | ||
@@ -131,5 +143,5 @@ setcookie("og_auth", "<user_id>|<seconds_since_epoch>|<signature>", time() + (60 * 60 * 2) /* 2 hour expire */, "/" /* available on all paths */ , "<merchant_domain>", true /* secure */); | ||
| ### Static authentication | ||
| ### Static authentication | ||
| Authentication provided on OG initialization. | ||
| TBD |
| import fetchMock from 'fetch-mock'; | ||
| import { resolveAuth } from './index'; | ||
| describe('AuthIframe - 200 response', function() { | ||
| describe('AuthIframe - 200 response', function () { | ||
| beforeEach(() => { | ||
@@ -90,3 +90,3 @@ fetchMock.mock('/auth', { | ||
| describe('AuthIframe - 404 response', function() { | ||
| describe('AuthIframe - 404 response', function () { | ||
| beforeEach(() => { | ||
@@ -93,0 +93,0 @@ fetchMock.mock('/auth', { |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by6.64%
25797
- Number of lines in readme file
- increased by9.38%
140
No dependency changes