@infomaker/service-authorization-lib v5.7.1

Infomaker service-authorization-lib

Develop the project

Run the unit tests

docker-compose up

Rebuild after updates to package.json

docker-compose down
docker-compose build
docker-compose up

tokenUtils

Usage

  const tokenUtils = require('@infomaker/service-authorization-lib').tokenUtils

  const expressMiddlewareFunctionThing = (req, res, next) => {
    tokenUtils.extractServiceTokenFromRequest(req) // -> {...} serviceToken
    tokenUtils.extractImidTokenFromRequest(req) // -> 'eyJhbGciOiJSUzUxMiIsIn...' | null
    tokenUtils.getSubject(req) // -> '07b9d9e6-5be1-4eb2-9675-9ee702f955ce'
    tokenUtils.getOrganization(req) // -> 'infomaker'
    tokenUtils.getUnits(req) // -> ['unit-a', 'unit-b']
    tokenUtils.getSelectedUnit(req) // -> 'unit-a'
    tokenUtils.getOrgPermissions(req) // -> ['writer:access']
    tokenUtils.getUnitPermissions(req, 'infomaker-dev') // -> ['writer:access']
    tokenUtils.isServiceAdmin(req) // -> false
    tokenUtils.getUserinfo(req) // -> { given_name: ... }
  }

extractServiceTokenFromRequest(request) ⇒ Object

Extracts and decodes a service token from request

Returns: Object - serviceToken - The service token

extractImidTokenFromRequest(request) ⇒ String | null

Extracts IMID token from a raw request if present

Returns: String | null - imidToken - The IMID token if present

getSubject(request) ⇒ String

Get the subject from the service token

Returns: String - organization - The subject identifier set on the service token

getOrganization(request) ⇒ String

Get the subject's organization

Returns: String - organization - The organization the subject belongs to

getUnits(request) ⇒ Array.<String>

Get the subject's mapped units

Returns: Array.<String> - units - An array of all units the subject belongs to

getSelectedUnit(request) ⇒ null | String

Get the subject's selected unit

Returns: null | String - unit - The subject's selected unit, null if no unit selected

getOrgPermissions(request) ⇒ Array.<String>

Get the subject's organization permissions

Organization permissions are located under permissions.org

Returns: Array.<String> - } permissions - The subject's org permissions

getUnitPermissions(request, unit) ⇒ Array.<String>

Get the subject's permissions for the specified unit

Organization permissions are located under permissions.unitsunit

Returns: Array.<String> - } permissions - The subject's permissions for the specified unit

isServiceAdmin(request) ⇒ Boolean

Checks if a token belogs to an admin for the service

Organization permissions are located under permissions.unitsunit

Returns: Boolean - isServiceAdmin - True if the token belongs to an admin for the service

getUserinfo(request) ⇒ Object

Get the subject's userinfo

Organization permissions are located under permissions.unitsunit

Returns: Object - userinfo - The userinfo object set on the subject