
anvil-connect-sdk


anvil-connect-sdk - npm Package Compare versions

Comparing version 0.1.0 to 0.1.1

30

index.js

@@ -11,3 +11,2 @@ /**

, UnauthorizedError = require('./errors/UnauthorizedError')
//, UserInfoError = require('./lib/UserInfoError')
, FormUrlencoded = require('form-urlencoded')

@@ -56,2 +55,11 @@ ;

/**
* Client whitelist
*
* If this is undefined, all clients are authorized.
*/
clients: undefined,
/**
* Client Configuration Setter

@@ -114,2 +122,3 @@ */

this.params = options.params;
this.clients = options.clients;
},

@@ -383,3 +392,9 @@

*
* server.use(anvil.verify({ scope: 'research' }));
* server.use(anvil.verify({
* scope: 'research',
* clients: [
* 'uuid1',
* 'uuid2'
* ]
* }));
*

@@ -393,2 +408,3 @@ */

, options = options || {}
, clients = options.clients || anvil.clients
, scope = options.scope

@@ -477,7 +493,7 @@ , key = provider.key

// Token validation parameters
jwt: client.token,
key: provider.key,
iss: provider.uri,
aud: client.id,
scope: scope
jwt: client.token,
key: provider.key,
issuer: provider.uri,
clients: clients,
scope: scope

@@ -484,0 +500,0 @@ }, function (err, token) {
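Review bot: Leaving `clients` unset now turns the audience check off entirely: the new default is `clients: undefined` ("all clients are authorized"), and `clients = options.clients || anvil.clients` hands that to the verifier where 0.1.0 passed `aud: client.id`. An application that upgrades without adding a whitelist therefore goes from accepting only tokens issued to its own client id to accepting a token the provider issued to any client, because the later `if (clients && ...)` audience test is skipped. Falling back to the configured client keeps the old behaviour as the default, e.g. `, clients = options.clients || anvil.clients || [client.id]`, provided `client` is already assigned at that declaration (it is used in the validation parameters further down; the function body starts and ends outside these hunks). The doc comment on `clients` should also state that an undefined value skips audience validation, so that opting out is a deliberate choice.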

@@ -73,6 +73,10 @@ /**

var claims = result.random || result.jwt.payload;
var claims = result.random || result.jwt.payload
, issuer = options.issuer
, clients = options.clients
, scope = options.scope
;
// mismatching issuer
if (claims.iss !== options.iss) {
if (claims.iss !== issuer) {
return callback(new UnauthorizedError({

@@ -86,3 +90,3 @@ error: 'invalid_token',

// mismatching audience
if (claims.aud !== options.aud) {
if (clients && clients.indexOf(claims.aud) === -1) {
return callback(new UnauthorizedError({

@@ -105,3 +109,3 @@ error: 'invalid_token',

// insufficient scope
if (claims.scope.indexOf(options.scope) === -1) {
if (scope && claims.scope.indexOf(scope) === -1) {
return callback(new UnauthorizedError({

@@ -108,0 +112,0 @@ error: 'insufficient_scope',
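Review bot: `clients.indexOf(claims.aud)` is a membership test only when `clients` is an array; if a caller passes a single id as a string (`clients: 'uuid1'`), `String.prototype.indexOf` does a substring search, so an `aud` that is a fragment of that id, or an empty string, passes the audience check. Rejecting non-arrays before the comparison closes this, e.g. `if (clients && (!Array.isArray(clients) || clients.indexOf(claims.aud) === -1)) {`. The scope check in the last hunk has the same shape: if `claims.scope` is a space-delimited string rather than an array (not visible here), `claims.scope.indexOf(scope)` matches `research` inside a longer scope name and throws when the token has no `scope` claim, so an exact comparison against `claims.scope.split(' ')` with a guard for a missing claim would be safer. The enclosing function starts and ends outside these hunks.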

{
"name": "anvil-connect-sdk",
"version": "0.1.0",
"version": "0.1.1",
"description": "Nodejs SDK for Anvil Connect",

@@ -5,0 +5,0 @@ "author": {

# Node SDK for Anvil Connect
**[Anvil Connect](https://github.com/christiansmith/anvil-connect)** aims to be a scalable, full-featured, ready-to-run [**OpenID Connect**](http://openid.net/connect/) + [**OAuth 2.0**](http://tools.ietf.org/html/rfc6749) **Provider**. This package is a SDK for Nodejs client developers.
### Install
```bash
$ npm install anvil-connect-sdk --save
```
### Usage
Configuration example:
```javascript
var anvil = require('anvil-connect-sdk');
anvil.configure({
provider: {
uri: 'https://your.authorization.server',
key: '/path/to/public.key.pem'
},
client: {
id: 'uuid',
token: 'client.jwt.access.token'
},
params: {
redirectUri: 'https://your.client.tld/callback'
}
});
```
### Protecting Services
Anvil Connect SDK includes Connect/Express/Restify compatible middleware for authenticating access tokens issued by Anvil Connect and enforcing authorization based on OAuth 2.0 scope.
This middleware can be used as route specific middleware...
```javascript
var authorize = anvil.verify({ scope: 'research' });
server.post('/protected', authorize, function (req, res, next) {
// handle the request
});
```
...or to protect the entire server:
```javascript
server.use(anvil.verify({ scope: 'research' }));
```