
oidc - npm Package Compare versions

Comparing version 0.2.0 to 0.2.1

lib/handlerFactory.js

2

Gruntfile.js

@@ -8,3 +8,3 @@ 'use strict';

},
timeout: 5000,
timeout: 500,
require: ['deride', 'should']

@@ -11,0 +11,0 @@ };

@@ -6,7 +6,7 @@ 'use strict';

let debug = require('debug')('oidc:auth');
let Jwt = require('./models').Jwt;
//let AuthorizationToken = require('./models').AuthorizationToken;
let rest = require('restler');
let Handlers = require('./handlers');
let HandlerFactory = require('./handlerFactory');
function Auth(options, done) {

@@ -18,2 +18,7 @@ let self = {};

let handlerFactory = new HandlerFactory();
handlerFactory.addHandler(new Handlers.Code(options, handlerFactory));
handlerFactory.addHandler(new Handlers.AuthorizationToken(options, handlerFactory));
handlerFactory.addHandler(new Handlers.IDToken(options, handlerFactory));
debug('Loading openid-configuration from ' + options.oidcServer);

@@ -36,82 +41,35 @@ // Dynamically load the configuration

});
});
// Swap the code returnened from the Authorizatoin code flow
// for an access_token, refresh_token and id_token
let handleAuthorizationCode = (code, handler) => {
debug('handling authorization flow code: ' + code);
let params = {
grant_type: 'authorization_code',
code: code,
redirect_uri: options.callbackURL
};
let postOptions = {
headers: {
Authorization: 'Basic ' + options.bearer
},
data: params
};
debug('requesting access_token from token endpoint');
rest
.post(options.odicConfig.token_endpoint, postOptions)
.on('complete', result => {
// let token = new AuthorizationToken(result);
let jwt = new Jwt(options, result.id_token);
let user = {
id: jwt.payload.sub,
name: jwt.payload.name,
email: jwt.payload.email,
preferredUsername: jwt.payload.preferred_username,
jwt: jwt.raw
let handleFailure = (result, middleware, handlerOptions) => {
if(result.valid === false && handlerOptions.redirectToOidc) {
let params = {
response_type: 'code',
scope: 'openid profile email groups offline_access',
client_id: options.clientId,
state: uid(24),
redirect_uri: options.callbackURL
};
debug('user ' + user.name + ' authenticated using JWT');
handler.success(user);
});
var location = options.odicConfig.authorization_endpoint + '?' + querystring.stringify(params);
debug('redirecting to the open id connect server');
return middleware.redirect(location);
}
middleware.fail();
};
let handleJwt = (data, handler) => {
let jwt = new Jwt(options, data);
let user = {
id: jwt.payload.sub,
name: jwt.payload.name,
email: jwt.payload.email,
preferredUsername: jwt.payload.preferred_username,
jwt: jwt.raw
self.handle = (req, middleware, handlerOptions) => {
handlerOptions = handlerOptions || {};
let result = {
valid: false
};
debug('user ' + user.name + ' authenticated using JWT');
handler.success(user);
handlerFactory.handlerFor(req.query, result, (err) => {
if(err) { middleware.fail(err); }
return result.valid ? middleware.success(result) :
handleFailure(result, middleware, handlerOptions);
});
};
let redirectToOkta = (handler) => {
let params = {
response_type: 'code',
scope: 'openid profile email groups offline_access',
client_id: options.clientId,
state: uid(24),
redirect_uri: options.callbackURL
};
var location = options.odicConfig.authorization_endpoint + '?' + querystring.stringify(params);
debug('redirecting to the open id connect server');
handler.redirect(location);
};
self.handle = (req, handler, handlerOptions) => {
handlerOptions = handlerOptions || {};
/* jshint maxcomplexity: 7 */
if (req.user) { return handleJwt(req.user, handler); }
if (req.query && req.query.error) { throw new Error('needs to be unauthorized'); }
if (req.query && req.query.code) { return handleAuthorizationCode(req.query.code, handler); }
if (req.query && req.query.id_token) { return handleJwt(req.query.id_token, handler); }
if(handlerOptions.redirectToOidc) {
redirectToOkta(handler);
} else {
handler.fail();
}
};
return Object.freeze(self);
}
module.exports = Auth;
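Review bot: In what appears to be the new `self.handle` callback, `if(err) { middleware.fail(err); }` does not return, so after reporting the error the code still evaluates `result.valid` and calls `middleware.success(result)` or `handleFailure(...)`; a handler error can therefore be followed by a second response, or by a successful authentication if a handler set `result.valid` before failing. Change it to `if (err) { return middleware.fail(err); }`. Separately, `handleFailure` sends `state: uid(24)` to the authorization endpoint but nothing visible here stores that value, so the callback has nothing to compare the returned `state` against; if it is not persisted elsewhere, keep it in the session and reject a callback whose `state` does not match. The old/new markers are lost on this page, so which lines are new is inferred from the hunk header counts and the `middleware` naming.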

@@ -5,5 +5,6 @@ 'use strict';

function Jwt(options, data) {
function Jwt(options, result) {
/* jshint maxcomplexity: 5 */
let self = {};
let data = result.id_token;

@@ -10,0 +11,0 @@ // Decode it first
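Review bot: `let data = result.id_token;` dereferences `result` with no check, so an undefined result or a token response without `id_token` (for example an error body from the token endpoint) reaches the decode step as `undefined`. A guard before it, such as `if (!result || typeof result.id_token !== 'string') { throw new Error('id_token missing from token response'); }`, would make that failure explicit; whether throwing fits the callers is not visible here. The signature change from a raw token to a result object also means any caller still passing the token string would silently get `data === undefined`. The body of `Jwt` continues outside the hunk.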

{
"name": "oidc",
"version": "0.2.0",
"version": "0.2.1",
"description": "Middleware for a bunch of common web servers to handle OIDC authentication.",

@@ -35,2 +35,3 @@ "keywords": [

"dependencies": {
"async": "^2.0.1",
"debug": "^2.2.0",

@@ -37,0 +38,0 @@ "jsonwebtoken": "^7.1.7",
