Cbp-js NPM | npm.io

Introduction

cbp-js is a Javascript library for cbp. It provides support of OIDC and Oauth 2.0 protocol and other useful functions.

The AuthenticationClient class provides a higher level api for signing in, signing out, monitoring session, event for access token expiring and access token expired.

Install

npm install i cbp-js

Getting Started

AuthenticationClient

Configuration

The AuthenticationClient constructor requires a settings object. These settings are these:

Required Settings

authorization_server - The URL of the authorization server.
authentication_endpoint - The URL for authentication.
token_endpoint - The URL for getting token.
client_id - The client identifier of the application.
redirect_uri - The redirect url of the application. This URL must be registered when registering the application.
storage - The storage. use WebStorage.
response_type - The response type. Currently supported response_type code.

Optional Settings

check_session_iframe - The URL of authorization server for checking session.
userinfo_endpoint - The URL of userinfo for getting the user information.
end_session_endpoint - The URL of authorization for ending the session.
post_logout_redirect_uri - The redirect url of the application. This URL must be registered when registering the application.
monitor_session - Enable session monitoring.
silent_renew - Set to true to enable silent renew
silent_redirect_uri Set the silent redirect uri
state - Add state parameter.
nonce - Add nonce parameter.
scope - Add a scope. Default openid.
prompt - Add prompt parameter. Default login. Available options login and consent.

Properties

options Returns the options provided.
event Returns various events raised by AuthenticationClient.
oidc Returns various methods for authorization/authentication.

Oidc

These are the available methods under oidc:

signInCallback - This method redirects the user to authorization server authentication endpoint.
signInRedirectCallback - This method handle the redirection if successful exchange the code for token and store it.
logoutCallback - This method redirects the user to the end session endpoint.
getUser - This method get the user information.
silentRenew - This method create a hidden iframe for renewing of token.
signinSilentCallback This method handle the new token.

Event

These are the available methods under event:

signOutEvent - Raised when the user logout from the OP.
accessTokenExpiringEvent - Raised when access token is expiring.
accessTokenExpiredEvent - Raised when access token is expired.

Other classes

Util - Helper class.
TokenManager - Class for token management.
WebStorage - Specify storage.

Usage

Example usage:

Initialization

import { AuthenticationClient , WebStorage } from 'cbp-js/cbp-lib.es';

export const auth = new AuthenticationClient({
  storage: new WebStorage({
    store: window.localStorage
  }),
  authorization_server: 'https://AUTH_DOMAIN',
  authentication_endpoint: 'https://AUTH_DOMAIN/oauth/v1/authorize',
  token_endpoint: 'https://AUTH_DOMAIN/oauth/v1/token',
  client_id: 'YOUR_CLIENTID',
  response_type: "code",
  redirect_uri: 'https://REDIRECT_URI',
  scope: "openid user:read",
  monitor_session: true,
  check_session_iframe: 'https://AUTH_DOMAINT/oauth/v1/checkSession"
});

Calling the method

// Signing user
auth.oidc.signInCallback().catch(error => console.log(error));

// Handling callback
auth.oidc.signInRedirectCallback().then(token => {})
    .catch(error => console.log(error));

// Logging out
auth.oidc.logoutCallback().catch(error => console.log(error));


// Checking user signout
auth.oidc.event.signOutEvent.subscribe(session => {})
    .catch(error => console.log(error));

// Checking access token expiring
auth.oidc.event.accessTokenExpiringEvent.subscribe(expiring => {})
    .catch(error => console.log(error));

// Checking access token expired
auth.oidc.event.accessTokenExpiredEvent.subscribe(expired => {})
    .catch(error => console.log(error));