Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
civic-sip-api
Advanced tools
Node.js wrapper for the Civic hosted SIP API. For best results, be sure that you're using the latest version.
Please see docs.civic.com for a more details.
civic-sip-api
can be installed from npm:
npm install civic-sip-api --save
const civicSip = require('civic-sip-api');
const civicClient = civicSip.newClient({
appId: 'ABC123',
appSecret: APP_SECRET,
prvKey: PRV_KEY,
});
civicClient.exchangeCode(jwtToken)
.then((userData) => {
// store user data and userId as appropriate
console.log('userData = ', JSON.stringify(userData, null, 4));
}).catch((error) => {
console.log(error);
});
Example of data returned for a ScopeRequest
of BASIC_SIGNUP
userData = {
"data": [
{
"label": "contact.personal.email",
"value": "user.test@gmail.com",
"isValid": true,
"isOwner": true
},
{
"label": "contact.personal.phoneNumber",
"value": "+1 5556187380",
"isValid": true,
"isOwner": true
}
],
"userId": "c6d5795f8a059ez5ad29a33a60f8b402a172c3e0bbe50fd230ae8e0303609b42"
}
There is basic proxy support. The server address and port is set as a url.
rejectUnauthorized
Setting this to false
is optional and can be used when testing in development and needing to use a self signed cerificate. We do not recommend setting this to false
in a production environment as it will compromise security.
const civicSip = require('civic-sip-api');
const civicClient = civicSip.newClient({
appId: 'ABC123',
appSecret: APP_SECRET,
prvKey: PRV_KEY,
proxy: {
url: 'http://10.0.0.6:8080',
rejectUnauthorized: false, // Do not make false in production
},
});
civicClient.exchangeCode(jwtToken)
.then((userData) => {
// store user data and userId as appropriate
console.log('userData = ', JSON.stringify(userData, null, 4));
}).catch((error) => {
console.log(error);
});
Copyright © 2018 Civic.com
Released under the MIT License, which can be found in the repository in LICENSE.txt
.
FAQs
Server-side library for the Civic Secure Identity platform.
We found that civic-sip-api demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.