Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

brightspace-auth-provisioning

Package Overview
Dependencies
Maintainers
1
Versions
15
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

brightspace-auth-provisioning

Make token assertions against an auth service

  • 8.1.0
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
5.1K
increased by7.59%
Maintainers
1
Weekly downloads
 
Created
Source

brightspace-auth-provisioning

Build Status

Library for making assertions against an auth service.

Install

npm install brightspace-auth-provisioning --save

Usage

var AuthTokenProvisioner = require('brightspace-auth-provisioning');

var provisioner = new AuthTokenProvisioner({
	issuer: 'ece083bc-e6ac-11e4-8e1b-54ee750fffa4',
	keyLookup: function () {
		return Promise.resolve({
			kid: '0a9e68f6-e6ad-11e4-8ab6-54ee750fffa4',
			pem: '...',
			alg: 'ES256'
		});
	}
});

var tokenPromise = provisioner
	.provisionToken({
		user: '32647',
		impersonator: '30882',
		tenant: '5492ff8a-e6ad-11e4-84d6-54ee750fffa4',
		scopes: ['updates:feed-items:read'],
		fsid: 'eyJhbGciOiJIUzI1Ni...'
	});

API


new AuthTokenProvisioner(Object options) -> AuthTokenProvisioner
Option: issuer String (required)

The String used to identify your local issuer/service. This must be registered with the auth service.

Option: keyLookup () -> Promise<Object> (required)

A function which returns a Promise to an Object representing your current signing key. The object must have the properties kid, which is a unique String, and pem which is the String representing the private key. The object should also have a String property alg representing the signing algorithm to use. alg must be one of ES256, ES384, ES512 or RS256. RS256 will be assumed if alg is not provided.

NOTE: alg will be required in the future.

Option: remoteIssuer String (https://auth.brightspace.com/core)

You may optionally specifiy the endpoint of the remote issuer, or auth service.

Option: cache AbstractProvisioningCache (AbstractProvisioningCache)

You may optionally specify an instance of an object inheriting from AuthTokenProvisioner.AbstractProvisioningCache.


.provisionToken(Object options) -> Promise<String>

Given the set of claims provided, will make an assertion against the auth service. Returns a promise to the encoded access token.

Option: scopes Array<String> (required)

The set of scopes to include in the auth token. The contained scopes should fit our semantic scope formatting: <group>:<resource>:<permission>.

Option: tenant String

The GUID of the tenant this token is meant for.

Option: user String

The id of the user this token is meant for. Requires the tenant option has been set.

Option: impersonator String

The id of the active user, who is impersonating user. Requires the user option has been set.

Option: fsid String

The Caliper FSID associated with this token.


.AbstractProvisioningCache

Available on the export is a reference to the AbstractProvisioningCache

FAQs

Package last updated on 24 Aug 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc