Socket
Socket
Sign inDemoInstall

airmap-auth

Package Overview
Dependencies
22
Maintainers
1
Versions
22
Alerts
File Explorer

Advanced tools

npm Scripts

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 2.0.2 to 3.0.0

.idea/encodings.xml
.idea/js-auth.iml
.idea/misc.xml
.idea/modules.xml
.idea/vcs.xml
.idea/workspace.xml

4

API.md

@@ -80,3 +80,3 @@ ## Modules

### airMapAuth.getUserId() ⇒ <code>string</code>
Retreives a user's id when authenticated. If no auth token exists or if it's invalid, the return value will be null.
Retrieves a user's id when authenticated. If no auth token exists or if it's invalid, the return value will be null.
This method can be used to retrieve the user's AirMap Id for calls to other AirMap APIs like the Pilot API, which returns a Pilot's profile.

@@ -90,3 +90,3 @@

### airMapAuth.getUserToken() ⇒ <code>string</code>
Retreives a user's id when authenticated. If no auth token exists or if it's invalid, the return value will be null.
Retrieves a user's id when authenticated. If no auth token exists or if it's invalid, the return value will be null.

@@ -93,0 +93,0 @@ **Kind**: instance method of [<code>AirMapAuth</code>](#AirMapAuth)

150

dist/AirMapAuth.js

@@ -9,3 +9,3 @@ 'use strict';

var auth0 = require('auth0-js');
var oidc = require('oidc-client');
var jwt = require('jsonwebtoken');

@@ -43,3 +43,3 @@

// Checks for Auth0 Config Variables
// Checks for oidc Config Variables
if (!config || typeof config.auth0 === 'undefined') {

@@ -60,13 +60,16 @@ throw new BadConfigError('auth0');

this._tokenName = 'AirMapUserToken';
this._domain = this.opts.domain;
this._authority = 'https://' + this.opts.domain + '/realms/' + this.opts.realm + '/.well-known/openid-configuration';
this._userId = null;
this._authParams = {
domain: this._domain,
clientID: this._clientId,
redirectUri: this._callbackUrl,
redirect: true,
responseType: 'token'
this._logoutUrl = 'https://' + this.opts.domain + '/realms/' + this.opts.realm + '/protocol/openid-connect/logout';
this._state = Math.random().toString(36).substr(2, 7);
this._settings = {
authority: this._authority,
client_id: this._clientId,
redirect_uri: this._callbackUrl,
response_type: 'id_token token',
scope: 'openid airmap-api profile email',
ui_locales: this.opts.language
};
this._webAuth = new auth0.WebAuth(this._authParams);
this._client = new oidc.OidcClient(this._settings);
this._initAuth();

@@ -85,3 +88,3 @@ }

// Process successul and failed authentication
// Process successful and failed authentication
this._handleAuthentication();

@@ -108,8 +111,10 @@

this._webAuth.parseHash(function (err, authResult) {
if (authResult && authResult.idToken) {
_this2._setSession(authResult);
} else if (err) {
_this2._setError(err);
}
if (!this._hasIdToken()) {
return;
}
this._client.processSigninResponse().then(function (response) {
_this2._setSession(response);
}).catch(function (err) {
_this2._setError(err);
});

@@ -128,11 +133,22 @@ }

value: function _setSession(authResult) {
localStorage.setItem(this._tokenName, authResult.idToken);
this._userId = authResult.idTokenPayload.sub;
localStorage.setItem(this._tokenName, authResult.id_token);
this._userId = authResult.profile.sub;
this.opts.onAuthenticated(authResult);
this.sanitizeUrlRedirect();
}
/*
* Returns true if the url hash contains an id_token
*/
}, {
key: '_hasIdToken',
value: function _hasIdToken() {
return window.location.hash.indexOf('id_token') > -1;
}
/**
* Process authentication error
* @private
* @param {object} error
* @param {string} err
* @return {void}

@@ -143,23 +159,6 @@ */

key: '_setError',
value: function _setError(error) {
this.logout();
var description = void 0;
try {
description = JSON.parse(error.errorDescription);
} catch (e) {
description = {};
}
var err = _extends({}, error, {
error_description: _extends({
type: ''
}, description)
});
var authErr = new AuthorizationError(err.error_description.type);
// Redirecting errors to hosted login is a workaround until there's a
// resolution for auth0/lock#637 and auth0/lock#692
this._webAuth.authorize({
language: this.opts.language,
logo: this.opts.logo,
flash_message: authErr.getText(this.opts.language)
});
value: function _setError() {
var err = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : 'An unknown error has occurred.';
this.opts.onAuthenticationError(err);
}

@@ -179,8 +178,10 @@

var authenticated = this.isAuthenticated();
if (authenticated || window.location.hash.indexOf('id_token') > -1) {
if (authenticated || this._hasIdToken()) {
return;
} else {
this._webAuth.authorize({
language: this.opts.language,
logo: this.opts.logo
this._client.createSigninRequest({ state: Math.random().toString(36).substr(2, 7) }).then(function (req) {
console.log("signin request", req, "<a href='" + req.url + "'>go signin</a>");
window.location = req.url;
}).catch(function (err) {
console.log(err);
});

@@ -205,10 +206,10 @@ return;

var timeStampNow = Math.floor(Date.now() / 1000);
return timeStampNow < decoded.exp ? true : false;
return timeStampNow < decoded.exp;
}
/**
* Retreives a user's id when authenticated. If no auth token exists or if it's invalid, the return value will be null.
* Retrieves a user's id when authenticated. If no auth token exists or if it's invalid, the return value will be null.
* This method can be used to retrieve the user's AirMap Id for calls to other AirMap APIs like the Pilot API, which returns a Pilot's profile.
* @public
* @return {string} returns the user's id (if authenticated), null if profile could not be retrieved.
* @return {string || null} returns the user's id (if authenticated), null if profile could not be retrieved.
*/

@@ -229,3 +230,3 @@

/**
* Retreives a user's id when authenticated. If no auth token exists or if it's invalid, the return value will be null.
* Retrieves a user's id when authenticated. If no auth token exists or if it's invalid, the return value will be null.
* @public

@@ -245,3 +246,3 @@ * @return {string} returns the user's token (if authenticated), null if user is not authenticated (active session).

* @public
* @param {string} logoutUrl - If a logout url is provided as a parameter, upon logging out, page will be redirected to the provided url, otherwise no redirect.
* @param {string || null} logoutRedirectUrl - If a logoutRedirect url is provided as a parameter, upon logging out, page will be redirected to the provided url, otherwise it will redirect to the current url without the hash.
* @return {void}

@@ -253,15 +254,34 @@ */

value: function logout() {
var logoutUrl = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : null;
var logoutRedirectUrl = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : null;
if (!this.isAuthenticated()) return;
if (logoutUrl) {
localStorage.removeItem(this._tokenName);
window.location.href = logoutUrl;
return;
} else {
localStorage.removeItem(this._tokenName);
return;
// if (!this.isAuthenticated()) return
var logoutUrl = this._logoutUrl + '?redirect_uri=' + this.sanitizedUrl();
if (logoutRedirectUrl) {
logoutUrl = this._logoutUrl + '?redirect_uri=' + logoutRedirectUrl;
}
localStorage.removeItem(this._tokenName);
window.location.href = logoutUrl;
this.opts.onLogout();
}
// strips off hash and redirects to url
}, {
key: 'sanitizeUrlRedirect',
value: function sanitizeUrlRedirect() {
window.location.href = this.sanitizedUrl();
}
// returns a sanitized url without hash
}, {
key: 'sanitizedUrl',
value: function sanitizedUrl() {
return window.location.toString().split('#')[0];
}
}, {
key: 'defaults',

@@ -282,8 +302,14 @@ get: function get() {

AirMapAuth.defaults = {
autoLaunch: false,
domain: 'sso.airmap.io',
domain: 'auth.airmap.com',
autoLaunch: true,
realm: 'airmap',
language: 'en',
logo: 'us',
onAuthenticated: function onAuthenticated(authResult) {
return null;
},
onAuthenticationError: function onAuthenticationError(error) {
return null;
},
onLogout: function onLogout() {
return null;
}

@@ -290,0 +316,0 @@ };

23

examples/index.js

@@ -7,4 +7,12 @@ // Load the AirMapAuth constructor

const config = {
// config settings from AirMap Developer Dashboard
// config settings from AirMap Developer Dashboard, example given below
// auth0: {
// client_id: AIRMAP_CLIENT_ID,
// callback_url: CALLBACK_URL
// }
}
// Logout Redirect Url
const logoutUrl = "http://localhost:8081"
// client_id: from the AirMap Developer Portal (https://dashboard.airmap.io/developer)

@@ -17,3 +25,10 @@ // callback_url: your callback url needs to be saved on the AirMap Developer Portal (https://dashboard.airmap.io/developer)

autoLaunch: false,
language: 'en'
language: 'en',
onAuthenticationError: (error) => {
console.log(error)
webAuth.logout()
},
onLogout: () => {
window.alert("You are now logged out.")
}
}

@@ -26,3 +41,3 @@

window.login = () => {
webAuth.showAuth()
webAuth.showAuth();
}

@@ -32,3 +47,3 @@

window.logout = () => {
webAuth.logout('http://localhost:8080/logout-redirect.html')
webAuth.logout(logoutUrl)
}

@@ -35,0 +50,0 @@

10

package.json
{
"name": "airmap-auth",
"version": "2.0.2",
"version": "3.0.0",
"description": "Authenticate users with AirMap",

@@ -33,3 +33,3 @@ "author": "AirMap, Inc. <developers@airmap.com> (https://airmap.com)",

"release": "sh ./scripts/release.sh",
"start": "budo ./examples/index.js --serve=examples/bundle.js --port=8080 --live --cors --dir=examples -- -t babelify",
"start": "budo examples/index.js:examples/bundle.js --port=8081 --live --cors --dir=examples -- -t babelify",
"test": "export NODE_PATH=./ && mocha --compilers js:babel-register --recursive test/setup.js test/unit/*",

@@ -39,4 +39,4 @@ "test:circle": "export NODE_PATH=./ && mocha --compilers js:babel-register --recursive --reporter mocha-junit-reporter test/setup.js test/unit/* --reporter-options mochaFile=$CIRCLE_TEST_REPORTS/mocha/unit.xml"

"dependencies": {
"auth0-js": "^9.3.2",
"jsonwebtoken": "^8.2.1"
"jsonwebtoken": "^8.2.1",
"oidc-client": "^1.6.1"
},

@@ -51,3 +51,3 @@ "devDependencies": {

"browserify": "^13.1.0",
"budo": "^11.2.2",
"budo": "^11.5.0",
"chai": "^3.5.0",

@@ -54,0 +54,0 @@ "jsdoc": "^3.4.0",

10

README.md

@@ -14,2 +14,8 @@ # AirMap Auth

## Version 3 Changes
We've migrated our authentication solution from Auth0 to Keycloak. This package has been updated to reflect this change.
While there are no breaking changes to the end-user experience, it is important to upgrade as the previous version will no longer work once Auth0 is deprecated.
## Upgrading from v1 to v2

@@ -28,6 +34,6 @@

<!-- Latest patch release -->
<script src="https://cdn.airmap.io/js/auth/2.0.0/airmap-auth.min.js"></script>
<script src="https://cdn.airmap.io/js/auth/3.0.0/airmap-auth.min.js"></script>
<!-- Latest minor release -->
<script src="https://cdn.airmap.io/js/auth/v2.0/index.min.js"></script>
<script src="https://cdn.airmap.io/js/auth/v3.0/index.min.js"></script>
```

@@ -34,0 +40,0 @@ 

dist/airmap-auth.min.js

Sorry, the diff of this file is too big to display

examples/index.html

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc