1.2.1 • Published 2 years ago
@vulos/identity-node-sdk v1.2.1
identity-node-sdk
The node.js SDK for Vulos Identity
Usage
This is an example on how you would use the browser SDK.
Assuming that you already have a database setup, and that you will change the pseudocode to something that fits your project.
// Import the library
import { Application, User } from "@vulos/identity-base"
import { BackendAuth } from "@vulos/identity-node-sdk";
// Create the application object
const auth = new Application({
id: "<paste your_client id here>",
secret: "<paste your client secret here>",
scope: "<paste your scopes here>",
redirectUrls: ["<your website's callback URL>,"]
}).createAuth(BackendAuth)
// Connect to the Vulos Identity server
await auth.connect()
// ... somewhere in a route that is supposed
// to redirect the user to the generated URL ...
async function handleRedirectRequest() {
// Create the request verifier
// NOTE: You should store the value of this in a database
// or distributed cache, and generate one per authentication request
const verifier = auth.createVerifier()
// pseudo-code:
// Generate a random ID
const authenticationRequestId = generateRandomId()
// Store the verifier to a database with the random ID as key
database['verifiers'].set(authenticationRequestId, verifier)
// Set a cookie to the ID, so we can get back the
// value of the verifier after the redirect
setCookie('auth-request', authenticationRequestId)
// Create the authorization URL, and redirect to it
redirect(await auth.createAuthUrl(verifier))
}
// ... somewhere in the callback URL route ...
async function handleCallbackRequest(queryParams) {
// Get the value of the cookie we set in the previous endpoint
const authenticationRequestId = getCookie('auth-request')
// Remove it, because we don't need it anymore
removeCookie('auth-request')
// Get the verifier's value
const verifier = database['verifiers'].get(authenticationRequestId)
// Process the callback URL's query paramters and get an
// user object that we can use to interact with the API
const user = await auth.processCallback(verifier,queryParams)
// Get some user information
const userInfo = await user.info()
// Put the tokens in an object that doesn't self-reference,
// so we can save it in a database or stringify it
const userTokens = user.save()
// Get the user ID
const userId = userinfo.id() // or userinfo.sub()
// Save the tokens for future use
database['users'].set(userId, userTokens)
// Create a JWT or any signed message that
// says that the user is authenticated
const signedValue = serverSign({
id: userId,
// in a real world scenario you
// would store more info and
// you would set an expiration date
// or add some way to revoke it
})
setCookie('token', signedValue)
redirect('/somewhere-else')
}
// This is supposed to be an example route that shows how to use the SDK
async function exampleRoute() {
// Get the signed token
const signedValue = getCookie('token')
// Verify it and get it's original value
const token = serverValidate(signedValue)
// Get the user tokens from the database
const userTokens = database['users'].get(token.id)
// Create an user object that you can use to interact with the APIs
const user = new User(auth, userTokens)
// Attempt to do stuff with the user
try {
// We are getting the user information again
const info = await user.info()
/* Do something with it here */
// For example, here's how you'd get all the organization names where
// you are a super admin (that you own)
const ownedOrganizationNames = []
const memberships = await user.getOrganizationMemberships()
for(const membership of memberships) {
const roles = await membership.getRoles()
for(const role of roles) {
if (role.name === "SuperAdmin") {
const organization = await membership.getOrganization()
ownedOrganizationNames.push(organization.name)
break
}
}
}
/* Do something with ownedOrganizationNames */
} finally {
// Save the user to the database, just in case the tokens got updated
database['users'].set(token.id, user.save())
}
}