
trusted-accounts-sdk-node - npm Package Compare versions

Comparing version 1.0.4 to 1.0.5

144

index.js

@@ -0,56 +1,98 @@

const axios = require('axios');
const qs = require('querystring');
class TrustedAccountsClient {
constructor(
clientId,
redirectUri,
authUrl = 'https://auth.trustedaccounts.org/oauth2/auth',
tokenUrl = 'https://auth.trustedaccounts.org/oauth2/token') {
this.clientId = clientId;
this.redirectUri = redirectUri;
this.authUrl = authUrl; // Optionally allow the user to specify a custom auth URL
this.tokenUrl = tokenUrl; // Optionally allow the user to specify a custom token URL
constructor(
clientId,
clientSecret,
redirectUri,
authUrl = 'https://auth.trustedaccounts.org/oauth2/auth',
tokenUrl = 'https://auth.trustedaccounts.org/oauth2/token'
) {
this.clientId = clientId;
this.clientSecret = clientSecret;
this.redirectUri = redirectUri;
this.authUrl = authUrl;
this.tokenUrl = tokenUrl;
}
// Generate the authorization URL (for the user to authenticate)
generateAuthorizationUrl(email) {
const state = Math.random().toString(36).substring(2); // Generate a random state value
const nonce = Math.random().toString(36).substring(2); // Generate a random nonce value
const url = new URL(this.authUrl);
url.searchParams.append('client_id', this.clientId);
url.searchParams.append('redirect_uri', this.redirectUri);
url.searchParams.append('response_type', 'code'); // Using Authorization Code Flow
url.searchParams.append('scope', 'openid');
url.searchParams.append('state', state);
url.searchParams.append('email', email); // Optionally pass user-specific details
url.searchParams.append('nonce', nonce); // Generate a random nonce
return url.toString();
}
// Handle the callback after the user completes the verification
async handleCallback(url) {
const urlParams = new URLSearchParams(new URL(url).search); // Extract search parameters from URL
const authorizationCode = urlParams.get('code');
const state = urlParams.get('state');
if (!authorizationCode) {
throw new Error('Authorization code missing in callback URL');
}
// Generate the verification link (OIDC authorization URL)
generateVerificationLink(email) {
const state = Math.random().toString(36).substring(2); // Generate a random state value
const nonce = Math.random().toString(36).substring(2); // Generate a random nonce value
const url = new URL(this.authUrl);
url.searchParams.append('client_id', this.clientId);
url.searchParams.append('redirect_uri', this.redirectUri);
url.searchParams.append('response_type', 'id_token'); // Using Implicit Flow
url.searchParams.append('scope', 'openid');
url.searchParams.append('state', state);
url.searchParams.append('email', email); // You can also pass other user details as necessary
url.searchParams.append('nonce', nonce); // Generate a random nonce
return url.toString();
if (!state) {
throw new Error('State parameter missing in callback URL');
}
// Handle the callback after the user completes the verification
async handleCallback(url) {
const urlParams = new URLSearchParams(new URL(url).hash.substring(1)); // Extract hash parameters from URL
const idToken = urlParams.get('id_token');
if (!idToken) {
throw new Error('ID Token missing in callback URL');
}
// Decode the ID Token to extract the Trusted ID (sub claim)
const trustedId = this.decodeIdToken(idToken);
return trustedId;
}
// Decoding the ID Token and returning the sub claim
decodeIdToken(idToken) {
const base64Url = idToken.split('.')[1]; // Get the payload part of the JWT
const base64 = base64Url.replace('-', '+').replace('_', '/'); // Base64URL decode
const jsonPayload = Buffer.from(base64, 'base64').toString('utf8');
const decodedPayload = JSON.parse(jsonPayload);
// Return the "sub" (user's unique Trusted ID)
return decodedPayload.sub;
}
// Exchange the authorization code for an access token
const tokenResponse = await this.exchangeCodeForToken(authorizationCode, state);
// Decode the ID Token (or use access token to access the user data)
const trustedId = this.decodeIdToken(tokenResponse.id_token);
return trustedId;
}
// Exchange the authorization code for an access token
async exchangeCodeForToken(code, state) {
const tokenData = {
client_id: this.clientId,
client_secret: this.clientSecret,
code: code,
redirect_uri: this.redirectUri,
grant_type: 'authorization_code',
};
const response = await axios.post(this.tokenUrl, qs.stringify(tokenData), {
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
});
// Return the token response which includes id_token and access_token
return response.data;
}
// Decode the ID Token and return the "sub" (user's unique Trusted ID)
decodeIdToken(idToken) {
const base64Url = idToken.split('.')[1]; // Get the payload part of the JWT
const base64 = base64Url.replace('-', '+').replace('_', '/'); // Base64URL decode
const jsonPayload = Buffer.from(base64, 'base64').toString('utf8');
const decodedPayload = JSON.parse(jsonPayload);
// Return the "sub" (user's unique Trusted ID)
return decodedPayload.sub;
}
}
module.exports = TrustedAccountsClient;
// For CommonJS support
module.exports = TrustedAccountsClient;
// For ES Module support
if (typeof exports === 'object' && typeof module !== 'undefined') {
module.exports = TrustedAccountsClient; // For require()
} else {
global.TrustedAccountsClient = TrustedAccountsClient; // For global object (in browser or Node.js)
}
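Review bot: In handleCallback the `state` taken from the callback URL is only checked for presence and never compared with the value issued by generateAuthorizationUrl, which neither returns nor stores `state` and `nonce`, so the caller cannot enforce the CSRF and replay binding these parameters exist for. Both values also come from `Math.random()`, which is not a cryptographic generator; `crypto.randomBytes(16).toString('hex')` (with `const crypto = require('crypto');` at the top of the file) is the usual replacement. decodeIdToken returns `sub` from the base64-decoded payload without checking the signature, `iss`, `aud`, `exp` or `nonce`, and since `tokenUrl` is caller-configurable, at least the claim checks should run before the Trusted ID is relied on. Which lines belong to 1.0.5 is inferred from the version order because the page has lost its +/- markers. The sketch below changes the return value of generateAuthorizationUrl and the signature of handleCallback, so it would be a breaking change for callers.

```javascript
generateAuthorizationUrl(email) {
  const state = crypto.randomBytes(16).toString('hex');
  const nonce = crypto.randomBytes(16).toString('hex');
  // … unchanged: URL construction (client_id, redirect_uri, response_type, scope, state, email, nonce) …
  // The caller stores state and nonce in the user's session for the callback check.
  return { url: url.toString(), state, nonce };
}

async handleCallback(url, expectedState, expectedNonce) {
  // … unchanged: parse code and state, missing-parameter checks …
  if (state !== expectedState) {
    throw new Error('State parameter does not match the value issued for this session');
  }
  // … unchanged: exchangeCodeForToken call …
  // Before returning sub, compare the token's nonce claim with expectedNonce
  // and validate iss, aud and exp.
```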
{
"name": "trusted-accounts-sdk-node",
"version": "1.0.4",
"version": "1.0.5",
"description": "A simple SDK for Trusted Accounts for NodeJS",
"main": "index.js",
"types": "trusted-accounts-sdk-node.d.ts",
"type": "module",
"repository": {

@@ -23,5 +24,5 @@ "type": "git",

"dependencies": {
}
}