airmap-auth
Comparing version 2.0.2 to 3.0.0
@@ -80,3 +80,3 @@ ## Modules | ||
### airMapAuth.getUserId() ⇒ <code>string</code> | ||
Retreives a user's id when authenticated. If no auth token exists or if it's invalid, the return value will be null. | ||
Retrieves a user's id when authenticated. If no auth token exists or if it's invalid, the return value will be null. | ||
This method can be used to retrieve the user's AirMap Id for calls to other AirMap APIs like the Pilot API, which returns a Pilot's profile. | ||
@@ -90,3 +90,3 @@ | ||
### airMapAuth.getUserToken() ⇒ <code>string</code> | ||
Retreives a user's id when authenticated. If no auth token exists or if it's invalid, the return value will be null. | ||
Retrieves a user's id when authenticated. If no auth token exists or if it's invalid, the return value will be null. | ||
@@ -93,0 +93,0 @@ **Kind**: instance method of [<code>AirMapAuth</code>](#AirMapAuth) |
@@ -9,3 +9,3 @@ 'use strict'; | ||
var auth0 = require('auth0-js'); | ||
var oidc = require('oidc-client'); | ||
var jwt = require('jsonwebtoken'); | ||
@@ -43,3 +43,3 @@ | ||
// Checks for Auth0 Config Variables | ||
// Checks for oidc Config Variables | ||
if (!config || typeof config.auth0 === 'undefined') { | ||
@@ -60,13 +60,16 @@ throw new BadConfigError('auth0'); | ||
this._tokenName = 'AirMapUserToken'; | ||
this._domain = this.opts.domain; | ||
this._authority = 'https://' + this.opts.domain + '/realms/' + this.opts.realm + '/.well-known/openid-configuration'; | ||
this._userId = null; | ||
this._authParams = { | ||
domain: this._domain, | ||
clientID: this._clientId, | ||
redirectUri: this._callbackUrl, | ||
redirect: true, | ||
responseType: 'token' | ||
this._logoutUrl = 'https://' + this.opts.domain + '/realms/' + this.opts.realm + '/protocol/openid-connect/logout'; | ||
this._state = Math.random().toString(36).substr(2, 7); | ||
this._settings = { | ||
authority: this._authority, | ||
client_id: this._clientId, | ||
redirect_uri: this._callbackUrl, | ||
response_type: 'id_token token', | ||
scope: 'openid airmap-api profile email', | ||
ui_locales: this.opts.language | ||
}; | ||
this._webAuth = new auth0.WebAuth(this._authParams); | ||
this._client = new oidc.OidcClient(this._settings); | ||
this._initAuth(); | ||
@@ -85,3 +88,3 @@ } | ||
// Process successul and failed authentication | ||
// Process successful and failed authentication | ||
this._handleAuthentication(); | ||
@@ -108,8 +111,10 @@ | ||
this._webAuth.parseHash(function (err, authResult) { | ||
if (authResult && authResult.idToken) { | ||
_this2._setSession(authResult); | ||
} else if (err) { | ||
_this2._setError(err); | ||
} | ||
if (!this._hasIdToken()) { | ||
return; | ||
} | ||
this._client.processSigninResponse().then(function (response) { | ||
_this2._setSession(response); | ||
}).catch(function (err) { | ||
_this2._setError(err); | ||
}); | ||
@@ -128,11 +133,22 @@ } | ||
value: function _setSession(authResult) { | ||
localStorage.setItem(this._tokenName, authResult.idToken); | ||
this._userId = authResult.idTokenPayload.sub; | ||
localStorage.setItem(this._tokenName, authResult.id_token); | ||
this._userId = authResult.profile.sub; | ||
this.opts.onAuthenticated(authResult); | ||
this.sanitizeUrlRedirect(); | ||
} | ||
/* | ||
* Returns true if the url hash contains an id_token | ||
*/ | ||
}, { | ||
key: '_hasIdToken', | ||
value: function _hasIdToken() { | ||
return window.location.hash.indexOf('id_token') > -1; | ||
} | ||
/** | ||
* Process authentication error | ||
* @private | ||
* @param {object} error | ||
* @param {string} err | ||
* @return {void} | ||
@@ -143,23 +159,6 @@ */ | ||
key: '_setError', | ||
value: function _setError(error) { | ||
this.logout(); | ||
var description = void 0; | ||
try { | ||
description = JSON.parse(error.errorDescription); | ||
} catch (e) { | ||
description = {}; | ||
} | ||
var err = _extends({}, error, { | ||
error_description: _extends({ | ||
type: '' | ||
}, description) | ||
}); | ||
var authErr = new AuthorizationError(err.error_description.type); | ||
// Redirecting errors to hosted login is a workaround until there's a | ||
// resolution for auth0/lock#637 and auth0/lock#692 | ||
this._webAuth.authorize({ | ||
language: this.opts.language, | ||
logo: this.opts.logo, | ||
flash_message: authErr.getText(this.opts.language) | ||
}); | ||
value: function _setError() { | ||
var err = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : 'An unknown error has occurred.'; | ||
this.opts.onAuthenticationError(err); | ||
} | ||
@@ -179,8 +178,10 @@ | ||
var authenticated = this.isAuthenticated(); | ||
if (authenticated || window.location.hash.indexOf('id_token') > -1) { | ||
if (authenticated || this._hasIdToken()) { | ||
return; | ||
} else { | ||
this._webAuth.authorize({ | ||
language: this.opts.language, | ||
logo: this.opts.logo | ||
this._client.createSigninRequest({ state: Math.random().toString(36).substr(2, 7) }).then(function (req) { | ||
console.log("signin request", req, "<a href='" + req.url + "'>go signin</a>"); | ||
window.location = req.url; | ||
}).catch(function (err) { | ||
console.log(err); | ||
}); | ||
@@ -205,10 +206,10 @@ return; | ||
var timeStampNow = Math.floor(Date.now() / 1000); | ||
return timeStampNow < decoded.exp ? true : false; | ||
return timeStampNow < decoded.exp; | ||
} | ||
/** | ||
* Retreives a user's id when authenticated. If no auth token exists or if it's invalid, the return value will be null. | ||
* Retrieves a user's id when authenticated. If no auth token exists or if it's invalid, the return value will be null. | ||
* This method can be used to retrieve the user's AirMap Id for calls to other AirMap APIs like the Pilot API, which returns a Pilot's profile. | ||
* @public | ||
* @return {string} returns the user's id (if authenticated), null if profile could not be retrieved. | ||
* @return {string || null} returns the user's id (if authenticated), null if profile could not be retrieved. | ||
*/ | ||
@@ -229,3 +230,3 @@ | ||
/** | ||
* Retreives a user's id when authenticated. If no auth token exists or if it's invalid, the return value will be null. | ||
* Retrieves a user's id when authenticated. If no auth token exists or if it's invalid, the return value will be null. | ||
* @public | ||
@@ -245,3 +246,3 @@ * @return {string} returns the user's token (if authenticated), null if user is not authenticated (active session). | ||
* @public | ||
* @param {string} logoutUrl - If a logout url is provided as a parameter, upon logging out, page will be redirected to the provided url, otherwise no redirect. | ||
* @param {string || null} logoutRedirectUrl - If a logoutRedirect url is provided as a parameter, upon logging out, page will be redirected to the provided url, otherwise it will redirect to the current url without the hash. | ||
* @return {void} | ||
@@ -253,15 +254,34 @@ */ | ||
value: function logout() { | ||
var logoutUrl = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : null; | ||
var logoutRedirectUrl = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : null; | ||
if (!this.isAuthenticated()) return; | ||
if (logoutUrl) { | ||
localStorage.removeItem(this._tokenName); | ||
window.location.href = logoutUrl; | ||
return; | ||
} else { | ||
localStorage.removeItem(this._tokenName); | ||
return; | ||
// if (!this.isAuthenticated()) return | ||
var logoutUrl = this._logoutUrl + '?redirect_uri=' + this.sanitizedUrl(); | ||
if (logoutRedirectUrl) { | ||
logoutUrl = this._logoutUrl + '?redirect_uri=' + logoutRedirectUrl; | ||
} | ||
localStorage.removeItem(this._tokenName); | ||
window.location.href = logoutUrl; | ||
this.opts.onLogout(); | ||
} | ||
// strips off hash and redirects to url | ||
}, { | ||
key: 'sanitizeUrlRedirect', | ||
value: function sanitizeUrlRedirect() { | ||
window.location.href = this.sanitizedUrl(); | ||
} | ||
// returns a sanitized url without hash | ||
}, { | ||
key: 'sanitizedUrl', | ||
value: function sanitizedUrl() { | ||
return window.location.toString().split('#')[0]; | ||
} | ||
}, { | ||
key: 'defaults', | ||
@@ -282,8 +302,14 @@ get: function get() { | ||
AirMapAuth.defaults = { | ||
autoLaunch: false, | ||
domain: 'sso.airmap.io', | ||
domain: 'auth.airmap.com', | ||
autoLaunch: true, | ||
realm: 'airmap', | ||
language: 'en', | ||
logo: 'us', | ||
onAuthenticated: function onAuthenticated(authResult) { | ||
return null; | ||
}, | ||
onAuthenticationError: function onAuthenticationError(error) { | ||
return null; | ||
}, | ||
onLogout: function onLogout() { | ||
return null; | ||
} | ||
@@ -290,0 +316,0 @@ }; |
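Review bot: In the new `logout`, the redirect target is concatenated into the query string unencoded (`this._logoutUrl + '?redirect_uri=' + logoutRedirectUrl`, and likewise with `this.sanitizedUrl()`), so a target that itself contains `?`, `&` or `#` is truncated or adds parameters to the logout request. Building it as `var target = logoutRedirectUrl || this.sanitizedUrl();` followed by `var logoutUrl = this._logoutUrl + '?redirect_uri=' + encodeURIComponent(target);` avoids that. The `isAuthenticated()` guard appears to be commented out in the new version, so every call clears the token and navigates to the logout endpoint, and `this.opts.onLogout()` runs only after `window.location.href` has been assigned; if that is intended it deserves a comment. Separately, `Math.random()` is not a cryptographic source, so the `state` values in the constructor and in `createSigninRequest` should come from `crypto.getRandomValues` unless oidc-client treats them purely as application data, which is not visible here. The `console.log` of the sign-in request also looks like leftover debugging.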
@@ -7,4 +7,12 @@ // Load the AirMapAuth constructor | ||
const config = { | ||
// config settings from AirMap Developer Dashboard | ||
// config settings from AirMap Developer Dashboard, example given below | ||
// auth0: { | ||
// client_id: AIRMAP_CLIENT_ID, | ||
// callback_url: CALLBACK_URL | ||
// } | ||
} | ||
// Logout Redirect Url | ||
const logoutUrl = "http://localhost:8081" | ||
// client_id: from the AirMap Developer Portal (https://dashboard.airmap.io/developer) | ||
@@ -17,3 +25,10 @@ // callback_url: your callback url needs to be saved on the AirMap Developer Portal (https://dashboard.airmap.io/developer) | ||
autoLaunch: false, | ||
language: 'en' | ||
language: 'en', | ||
onAuthenticationError: (error) => { | ||
console.log(error) | ||
webAuth.logout() | ||
}, | ||
onLogout: () => { | ||
window.alert("You are now logged out.") | ||
} | ||
} | ||
@@ -26,3 +41,3 @@ | ||
window.login = () => { | ||
webAuth.showAuth() | ||
webAuth.showAuth(); | ||
} | ||
@@ -32,3 +47,3 @@ | ||
window.logout = () => { | ||
webAuth.logout('http://localhost:8080/logout-redirect.html') | ||
webAuth.logout(logoutUrl) | ||
} | ||
@@ -35,0 +50,0 @@ |
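Review bot: The example's `onAuthenticationError` handler calls `webAuth.logout()` for every error, and the library's `logout` shown on this page removes the stored token and navigates to the logout endpoint, so a callback that merely fails validation ends a session that may still be valid. Logging out only when the error means the session can no longer be trusted, and otherwise just reporting the error, would be a safer pattern to demonstrate; a comment such as `// log out only if the session can no longer be trusted` would make the intent clear. `console.log(error)` writes the raw error object to the console, which is fine for a demo but is worth marking as demo-only so it is not copied into production code. The options object that holds these handlers starts outside the hunk.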
{ | ||
"name": "airmap-auth", | ||
"version": "2.0.2", | ||
"version": "3.0.0", | ||
"description": "Authenticate users with AirMap", | ||
@@ -33,3 +33,3 @@ "author": "AirMap, Inc. <developers@airmap.com> (https://airmap.com)", | ||
"release": "sh ./scripts/release.sh", | ||
"start": "budo ./examples/index.js --serve=examples/bundle.js --port=8080 --live --cors --dir=examples -- -t babelify", | ||
"start": "budo examples/index.js:examples/bundle.js --port=8081 --live --cors --dir=examples -- -t babelify", | ||
"test": "export NODE_PATH=./ && mocha --compilers js:babel-register --recursive test/setup.js test/unit/*", | ||
@@ -39,4 +39,4 @@ "test:circle": "export NODE_PATH=./ && mocha --compilers js:babel-register --recursive --reporter mocha-junit-reporter test/setup.js test/unit/* --reporter-options mochaFile=$CIRCLE_TEST_REPORTS/mocha/unit.xml" | ||
"dependencies": { | ||
"auth0-js": "^9.3.2", | ||
"jsonwebtoken": "^8.2.1" | ||
"jsonwebtoken": "^8.2.1", | ||
"oidc-client": "^1.6.1" | ||
}, | ||
@@ -51,3 +51,3 @@ "devDependencies": { | ||
"browserify": "^13.1.0", | ||
"budo": "^11.2.2", | ||
"budo": "^11.5.0", | ||
"chai": "^3.5.0", | ||
@@ -54,0 +54,0 @@ "jsdoc": "^3.4.0", |
@@ -14,2 +14,8 @@ # AirMap Auth | ||
## Version 3 Changes | ||
We've migrated our authentication solution from Auth0 to Keycloak. This package has been updated to reflect this change. | ||
While there are no breaking changes to the end-user experience, it is important to upgrade as the previous version will no longer work once Auth0 is deprecated. | ||
## Upgrading from v1 to v2 | ||
@@ -28,6 +34,6 @@ | ||
<!-- Latest patch release --> | ||
<script src="https://cdn.airmap.io/js/auth/2.0.0/airmap-auth.min.js"></script> | ||
<script src="https://cdn.airmap.io/js/auth/3.0.0/airmap-auth.min.js"></script> | ||
<!-- Latest minor release --> | ||
<script src="https://cdn.airmap.io/js/auth/v2.0/index.min.js"></script> | ||
<script src="https://cdn.airmap.io/js/auth/v3.0/index.min.js"></script> | ||
``` | ||
@@ -34,0 +40,0 @@ |
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is not supported yet
Uses eval
Supply chain risk: Package uses eval(), which is a dangerous function. This prevents the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
+ Addedoidc-client@^1.6.1
+ Addedacorn@7.4.1(transitive)
+ Addedcore-js@3.37.0(transitive)
+ Addedoidc-client@1.11.5(transitive)
+ Addedrandombytes@2.1.0(transitive)
+ Addedserialize-javascript@4.0.0(transitive)
- Removedauth0-js@^9.3.2
- Removedasap@2.0.6(transitive)
- Removedasynckit@0.4.0(transitive)
- Removedauth0-js@9.25.0(transitive)
- Removedcall-bind@1.0.7(transitive)
- Removedcombined-stream@1.0.8(transitive)
- Removedcomponent-emitter@1.3.1(transitive)
- Removedcookiejar@2.1.4(transitive)
- Removeddebug@4.3.4(transitive)
- Removeddefine-data-property@1.1.4(transitive)
- Removeddelayed-stream@1.0.0(transitive)
- Removeddezalgo@1.0.4(transitive)
- Removedes-define-property@1.0.0(transitive)
- Removedes-errors@1.3.0(transitive)
- Removedes6-promise@4.2.8(transitive)
- Removedfast-safe-stringify@2.1.1(transitive)
- Removedform-data@4.0.0(transitive)
- Removedformidable@2.1.2(transitive)
- Removedfunction-bind@1.1.2(transitive)
- Removedget-intrinsic@1.2.4(transitive)
- Removedgopd@1.0.1(transitive)
- Removedhas-property-descriptors@1.0.2(transitive)
- Removedhas-proto@1.0.3(transitive)
- Removedhas-symbols@1.0.3(transitive)
- Removedhasown@2.0.2(transitive)
- Removedhexoid@1.0.0(transitive)
- Removedidtoken-verifier@2.2.4(transitive)
- Removedinherits@2.0.4(transitive)
- Removedjs-cookie@2.2.1(transitive)
- Removedjsbn@1.1.0(transitive)
- Removedlru-cache@6.0.0(transitive)
- Removedmethods@1.1.2(transitive)
- Removedmime@2.6.0(transitive)
- Removedmime-db@1.52.0(transitive)
- Removedmime-types@2.1.35(transitive)
- Removedminimist@1.2.8(transitive)
- Removedms@2.1.2(transitive)
- Removedobject-inspect@1.13.1(transitive)
- Removedonce@1.4.0(transitive)
- Removedqs@6.12.1(transitive)
- Removedreadable-stream@3.6.2(transitive)
- Removedsemver@7.6.0(transitive)
- Removedset-function-length@1.2.2(transitive)
- Removedside-channel@1.0.6(transitive)
- Removedstring_decoder@1.3.0(transitive)
- Removedsuperagent@7.1.6(transitive)
- Removedunfetch@4.2.0(transitive)
- Removedurl-join@4.0.1(transitive)
- Removedutil-deprecate@1.0.2(transitive)
- Removedwinchan@0.2.2(transitive)
- Removedwrappy@1.0.2(transitive)
- Removedyallist@4.0.0(transitive)