brightspace-auth-validation

brightspace-auth-validation

Usage

'use strict';

const http = require('http');
const validator = new (require('brightspace-auth-validation'))();

const server = http
	.createServer((req, res) => {
		validator
			.fromHeaders(req.headers)
			.then(token => {
				// token is a BrightspaceAuthToken instance
				res.statusCode = 201;
				res.end('Hi!\n');
			}, e => {
				console.error(e);
				res.statusCode = e.status || 403;
				res.end('Sorry, can\'t let you in!\n');
			});
	})
	.listen(3000);

API

new AuthTokenValidator([Object options]) -> AuthTokenValidator

Option: issuer String (https://auth.brightspace.com/core)

You may optionally specify the auth instance to connect to.

...new AuthTokenValidator({ issuer: 'https://auth.brightspace.com/core' });

Option : maxClockSkew Number (300)

You may optionally specify the allowed clock skew, in seconds, when validating time-based claims.

Option : maxKeyAge Number (18000)

Deprecated soon

You may optionally specify the length of time, in seconds, to trust a given key without re-confirmation.

Option: name String

Recommended. You may optionally specify a name to send as part of the user agent when fetching keys from the issuer. Assists in tracking issues and RCAs.

...new AuthTokenValidator({ name: 'johns-service' })

.fromHeaders(Object headers) -> Promise<BrightspaceAuthToken>

Given the incoming request headers, will attempt to extract and validate the authorization signature.

.fromSignature(String signature) -> Promise<BrightspaceAuthToken>

Validates an authorization signature.

.validateConfiguration() -> Promise<True>

Will attempt to interact with the provided auth instance. Resolves if all is well, or rejects with an error.