sso-aws-kms v1.2.1

SSO With AWS KMS

This package is utilized for authentication and authorization of server requests.

Prerequisites

you will require an AWS KMS Symmetric key with the appropriate permissions. Additionally, you need to provide the access key and secret key. The key usages must be set to "Encrypt" and "Decrypt"

Ready To Install

• To install the package run npm i sso-aws-kms in your project directory
• you will need to add env variables in your .env file
  • AWS_REGION or AWS_KMS_REGION
  • AWS_ACCESS_KEY or AWS_KMS_ACCESS_KEY
  • AWS_SECRET_ACCESS_KEY or AWS_KMS_SECRET_ACCESS_KEY
  • AWS_KMS_ID (Key ID Not arn)
  • SSO_JWT_SECRET (Optional)
  • SSO_JWT_TIMEOUT (Optional, default time out is 5 min)

How to Use

Suppose you have two different projects, P1 and P2, and neither of them has OAuth or SSO integrated yet. Now, the goal is to enable single-click login in both projects, similar to how SSO (Single Sign-On) functions.

To achieve this, follow these steps:

1. Install the package in both projects with the same environment values.

2. Utilize the following functions for encryption and decryption of the payload:

   • To encrypt, use requestEncryptedToken and pass the username (Ensure that the same username is present in your second project). This will generate a JWT encrypted token, which you can then send to the second server.
   • Upon receiving the token, verify and decrypt it using the verifyAndDecryptToken function to retrieve the username.
   • Once you have the username, you can proceed to return the login token associated with the admin URL in the callback URL of the request or follow your preferred sign-in mechanism. Since you now have a valid username, you can perform the login operation without requiring a password.