🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

brightspace-auth-provisioning

Package Overview
Dependencies
Maintainers
1
Versions
15
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

brightspace-auth-provisioning

Make token assertions against an auth service

8.2.1
latest
Source
npm
Version published
Weekly downloads
5.9K
-5.99%
Maintainers
1
Weekly downloads
 
Created
Source

brightspace-auth-provisioning

Build Status

Library for making assertions against an auth service.

Install

npm install brightspace-auth-provisioning --save

Usage

var AuthTokenProvisioner = require('brightspace-auth-provisioning');

var provisioner = new AuthTokenProvisioner({
	issuer: 'ece083bc-e6ac-11e4-8e1b-54ee750fffa4',
	keyLookup: function () {
		return Promise.resolve({
			kid: '0a9e68f6-e6ad-11e4-8ab6-54ee750fffa4',
			pem: '...',
			alg: 'ES256'
		});
	}
});

var tokenPromise = provisioner
	.provisionToken({
		user: '32647',
		impersonator: '30882',
		tenant: '5492ff8a-e6ad-11e4-84d6-54ee750fffa4',
		scopes: ['updates:feed-items:read'],
		fsid: 'eyJhbGciOiJIUzI1Ni...'
	});

API

new AuthTokenProvisioner(Object options) -> AuthTokenProvisioner

Option: issuer String (required)

The String used to identify your local issuer/service. This must be registered with the auth service.

Option: keyLookup () -> Promise<Object> (required)

A function which returns a Promise to an Object representing your current signing key. The object must have the properties kid, which is a unique String, and pem which is the String representing the private key. The object should also have a String property alg representing the signing algorithm to use. alg must be one of ES256, ES384, ES512 or RS256. RS256 will be assumed if alg is not provided.

NOTE: alg will be required in the future.

Option: remoteIssuer String (https://auth.brightspace.com/core)

You may optionally specifiy the endpoint of the remote issuer, or auth service.

Option: cache AbstractProvisioningCache (AbstractProvisioningCache)

You may optionally specify an instance of an object inheriting from AuthTokenProvisioner.AbstractProvisioningCache.

.provisionToken(Object options) -> Promise<String>

Given the set of claims provided, will make an assertion against the auth service. Returns a promise to the encoded access token.

Option: scopes Array<String> (required)

The set of scopes to include in the auth token. The contained scopes should fit our semantic scope formatting: <group>:<resource>:<permission>.

Option: tenant String

The GUID of the tenant this token is meant for.

Option: user String

The id of the user this token is meant for. Requires the tenant option has been set.

Option: impersonator String

The id of the active user, who is impersonating user. Requires the user option has been set.

Option: fsid String

The Caliper FSID associated with this token.

.AbstractProvisioningCache

Available on the export is a reference to the AbstractProvisioningCache

FAQs

Package last updated on 12 May 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Open Source Maintainers Demand Ability to Block Copilot-Generated Issues and PRs

Security News

Open Source Maintainers Demand Ability to Block Copilot-Generated Issues and PRs

Open source maintainers are urging GitHub to let them block Copilot from submitting AI-generated issues and pull requests to their repositories.

By Sarah Gooding  -  May 20, 2025