@postnord/uas-sdk

An SDK to interact with v2 of the User Authority service. Typescript-friendly.

Installation

npm i @postnord/uas-sdk

Testing

npm t

Update expired test token

• Login to https://atportal.postnord.com/shared using user ncptestuser+ford@gmail.com.
• Look up the the request for token?oneTimeCode in the network tab of the developer console
• Get the token value from the response body
• Look for UNIFIED_LOGIN_USER_TOKEN in the .env file and replace the value

Usage

import UAS from '@postnord/uas-sdk'
const uasService = new UAS({ isStaging: !!process.env.IS_STAGING })

const run = async () => {
  // Call the getUser function with either an IAM accessToken or a JWT already issued by the UAS service

  // Use case #1: use an accessToken. The most common use case.
  const user = await uasService.getUser({ accessToken: '' })

  // Use case #2: you have an existing JWT token and you want methods to handle it.
  const user = await uasService.getUser({ jwtToken: '' })

  // Use case #3: you want UAS to issue a whole new token for you. The least common use case.
  const user = await uasService.getUser({ accessToken: '' }, { issueNewToken: true })
  const user = await uasService.getUser({ accessToken: '' }, { issueNewToken: true, selectedOrgs: ['5567409502'] })

  if (!user) {
    /* is not a business user thus does not exist in UAS */
  }

  /** Working with organizations **/

  // Use case #1: you want to operate on selected organizations. Most common use case.
  const orgs = user.organizations()

  // Use case #2: you want to disregard selections and operate on all organizations in the user's profile. Lest common use case.
  const orgs = user.organizations({ includeNonSelectedOrgs: true })

  // returns true if all organizations include the given authority
  orgs.containAuthority('3')

  // returns true if all organizations include at least one of given authorities
  orgs.containAnyAuthorities(['3', '19'])

  // return true if all of the given authorities exists in the organizations
  orgs.containAllAuthorities(['3', '19'])

  /** Working with customer numbers **/

  // returns a boolean indicating whether the user has the specified authority on the specified customer number
  user.verifyUserAccess({ authorityNumber: '3', customerNumber: '20137458' })

  // verify that the user is a Postnord admin and has the authority specified in the argument
  user.verifyAdminAccess({ authorityNumber: '19' })

  /** Token-specific utility functions **/

  // returns the unflattened view of the token object. See TS types.
  user.tokenContext.getDecodedToken()

  // returns the full JWT string
  user.tokenContext.getSignedToken()

  // returns a boolean indicating whether or not the issued JWT is expired
  user.tokenContext.isExpired()

  // returns the token's expiry date
  user.getExpiryDate()

  // This will call UAS with the returned token to verify the signature
  await user.tokenContext.verifyTokenSignature()
}

API documentation

See accompanied types

Feature requests

Hit us up at the #customerportal-user Slack channel