Cidaas-interceptor NPM

This project is deprecated and no longer maintained.

Please use the cidaas-interceptor-nodejs instead: https://www.npmjs.com/package/cidaas-interceptor-nodejs

Add the cidaas interceptor : node js (with express js)

npm install cidaas-interceptor --save

Usage

Cidaas Interceptor works as middleware for express nodeJS servers.

Express js

var express = require('express');
var app = express();
var bodyParser = require("body-parser");
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({
extended: true
}));

// import and configure cidaas intcerceptor
var cidaasConfig = require("./Resources/configs/cidaas-service.json");
var cidaas_interceptor = require("cidaas-interceptor")(cidaasConfig);

Check Scope

app.get("/serviceurl", cidaas_interceptor({ scopes: ["cidaas:write"] }), function (req, res) {

// your code

});

Check Role

app.post("/serviceurl", cidaas_interceptor({ roles: ["Admin"] }), function (req, res) {

// your code

});

Check Role and Scope

app.get("/serviceurl", cidaas_interceptor({ scopes: ["cidaas:write"], roles: ["Admin"] }), function (req, res) {

// your code

});

DenyAll

app.get("/serviceurl", cidaas_interceptor({denyAll : true}), function (req, res) {

// your code

});

PermitAll

app.get("/serviceurl", cidaas_interceptor({permitAll : true}), function (req, res) {

// your code

});

OR just ignore the inceptor code

app.get("/serviceurl", function (req, res) {

// your code

});

Required Property file :

vim cidaas-service.json

{
"user_info_by_token" : "cidaas url",
"update_token_check_url":"update token url"
}

Load properties to cidaas interceptor

var cidaasConfig = require("./Resources/configs/cidaas-service.json");
var cidaas_interceptor = require("cidaas-interceptor")(cidaasConfig);

Property Details

Field	Default Value	Required	Max
user_info_by_token	""	Yes
update_token_check_url	""	Yes
tokenKey	"access_token"	No
updateIntervalInSec	5000	No	10000

Note

node vs java interceptor comparison

Unlike the Java interceptor, you have to add cidaas middleware in all of your required route methods. If the method does not have the cidaas interceptor middleware, this is the same as java's @PermitAll
Java's @OAuthScopes(scopes = { "cidaas:write", ... }) == cidaas_interceptor({ scopes: ["cidaas:write", ...]})
Java's @RolesAllowed(value = { "role1", "role2", ... }) == cidaas_interceptor({ roles: ["role1", "role2", ...]})
Don't have support for JWE