bankos-security-nodejs v1.0.7

BankOSSecurityNodeJs

This library was generated with node version 14.3.0

Dependencies

This library needs keycloak-connect adapter as a peer dependency. Make sure to run ng install keycloak-connect followed by ng install bankos-security-nodejs

Usage

const express = require('express'); const Keycloak = require('bankos-security-nodejs');

const app = express();

const keycloakConfig = { 'clientId': 'my-node-app', 'bearer-only': true };

// Above, realm, securityUrl are not provided as part of config. Instead these details will be captured from the auth token when keycloak.protect() is called on a endpoint. Thus, implementing Multitenancy.

// Instantiate the class just as the official module. If no keycloakConfig is provided, it will read the configuration from keycloak.json file.

const _keycloak = new Keycloak(keycloakConfig);

// add the middleware

app.use(keycloak.middleware());

// protect any endpoint

app.get('/files', keycloak.protect(), filesEndpointHandler);

Implementing getRealmNameFromRequest

For requests without token to work (anonymous requests), you must implement the getRealmNameFromRequest method. This is required for admin and logout endpoints to work.

The implementation will depend on your specific use case:

keycloak.getRealmNameFromRequest = (req) => { // for example, you could get the realmName from the path return req.originalUrl.split('/')0; };

keycloak.getRealmNameFromRequest = (req) => { // or from the host return req.get('host').split('.')0; };

keycloak.getRealmNameFromRequest = (req) => { // or from a query string return req.query.realm; };