IBM Cloud App ID Client SDK
Client-side javascript SDK for the IBM Cloud App ID service.
-Read the official documentation for information about getting started with IBM Cloud App ID Service.
Table of Contents
-
@@ -77,8 +77,10 @@
Installation
Using npm:
+npm install ibmcloud-appid-js
import AppID from 'ibmcloud-appid-js'; +
From the CDN:
-<script src="""></script> +
<script src="https://cdn.appid.cloud.ibm.com/appid-0.0.2.min.js"></script>
Or for development purposes use the minified file in this repo:
<script type='text/javascript' src="dist/appid.min.js"></script> @@ -119,7 +121,7 @@
API Reference
diff --git a/docs/index.js.html b/docs/index.js.html index 991d389..aefebd8 100644 --- a/docs/index.js.html +++ b/docs/index.js.html @@ -47,9 +47,9 @@index.js
const PopupController = require('./PopupController'); const IFrameController = require('./IFrameController'); const OpenIdConfigurationResource = require('./OpenIDConfigurationResource'); -const TokenValidator = require('./TokenValidator'); const constants = require('./constants'); const AppIDError = require('./errors/AppIDError'); +const jsrsasign = require('jsrsasign'); /** * This class provides functions to support authentication. @@ -64,7 +64,6 @@index.js
{ popup = new PopupController(), iframe = new IFrameController(), - tokenValidator = new TokenValidator(), openIdConfigResource = new OpenIdConfigurationResource(), utils, requestHandler = new RequestHandler(), @@ -74,12 +73,11 @@index.js
this.popup = popup; this.iframe = iframe; - this.tokenValidator = tokenValidator; this.openIdConfigResource = openIdConfigResource; this.URL = url; this.utils = utils; if (!utils) { - this.utils = new Utils({openIdConfigResource: this.openIdConfigResource, url: this.URL}); + this.utils = new Utils({openIdConfigResource: this.openIdConfigResource, url: this.URL, popup: this.popup, jsrsasign}); } this.request = requestHandler.request; this.window = w; @@ -104,7 +102,7 @@index.js
* }); * */ - async init({clientId, discoveryEndpoint, popup = {height: screen.height * .80, width: 400}}) { + async init({clientId, discoveryEndpoint, popup = {height: window.screen.height * .80, width: 400}}) { if (!clientId) { throw new AppIDError(constants.MISSING_CLIENT_ID); } @@ -115,8 +113,8 @@index.js
} await this.openIdConfigResource.init({discoveryEndpoint, requestHandler: this.request}); + this.popup.init(popup); this.clientId = clientId; - this.popupConfig = popup; this.initialized = true; } @@ -141,25 +139,8 @@index.js
*/ async signin() { this._validateInitalize(); - - const {codeVerifier, nonce, state, authUrl} = this.utils.getAuthParams(this.clientId, this.window.origin); - - this.popup.open(this.popupConfig); - this.popup.navigate(authUrl); - const message = await this.popup.waitForMessage({messageType: 'authorization_response'}); - this.popup.close(); - - this.utils.verifyMessage({message, state}); - - let authCode = message.data.code; - - return await this.utils.exchangeTokens({ - clientId: this.clientId, - authCode, - codeVerifier, - nonce, - windowOrigin: this.window.origin - }); + const endpoint = this.openIdConfigResource.getAuthorizationEndpoint(); + return this.utils.performOAuthFlowAndGetTokens({origin: this.window.origin, clientId: this.clientId, endpoint}); } /** @@ -176,9 +157,15 @@index.js
*/ async silentSignin() { this._validateInitalize(); - const {codeVerifier, nonce, state, authUrl} = this.utils.getAuthParams(this.clientId, this.window.origin, constants.PROMPT); + const endpoint = this.openIdConfigResource.getAuthorizationEndpoint(); + const {codeVerifier, nonce, state, url} = this.utils.getAuthParamsAndUrl({ + clientId: this.clientId, + origin: this.window.origin, + prompt: constants.PROMPT, + endpoint + }); - this.iframe.open(authUrl); + this.iframe.open(url); let message; try { @@ -189,7 +176,7 @@index.js
this.utils.verifyMessage({message, state}); let authCode = message.data.code; - return await this.utils.exchangeTokens({ + return await this.utils.retrieveTokens({ clientId: this.clientId, authCode, codeVerifier, @@ -220,38 +207,40 @@index.js
} /** - * This method will open a popup to the change password widget. It requires a Cloud Directory user ID, which can be found in the ID token payload identities array. - * @param {string} userId The Cloud Directory user ID. - * @returns {Promise<void>} - * @throws {AppIDError} "Missing user id" The user id is missing. + * This method will open a popup to the change password widget for Cloud Directory users. + * @param {string} idTokenPayload The id token payload. + * @returns {Promise<Tokens>} The tokens of the authenticated user. + * @throws {AppIDError} "Expect id token payload object to have identities field" + * @throws {AppIDError} "Must be a Cloud Directory user" + * @throws {AppIDError} "Missing id token payload" * @example - * await appID.changePassword(tokens.idTokenPayload.identities[0].id); + * let tokens = await appID.changePassword(idTokenPayload); */ - async changePassword(userId) { + async changePassword(idTokenPayload) { this._validateInitalize(); - if (!userId) { - throw new AppIDError(constants.MISSING_USER_ID); + let userId; + + if (!idTokenPayload){ + throw new AppIDError(constants.MISSING_ID_TOKEN_PAYLOAD); + } + if (typeof idTokenPayload === 'string') { + throw new AppIDError(constants.INVALID_ID_TOKEN_PAYLOAD); + } + if(idTokenPayload.identities && idTokenPayload.identities[0] && idTokenPayload.identities[0].id) { + if (idTokenPayload.identities[0].provider !== 'cloud_directory') { + throw new AppIDError(constants.NOT_CD_USER); + } + userId = idTokenPayload.identities[0].id; + } else { + throw new AppIDError(constants.INVALID_ID_TOKEN_PAYLOAD); } - const {codeVerifier, state, nonce, changePasswordUrl} = this.utils.getChangePasswordInfo({ + + const endpoint = this.openIdConfigResource.getIssuer() + constants.CHANGE_PASSWORD; + return this.utils.performOAuthFlowAndGetTokens({ userId, origin: this.window.origin, - clientId: this.clientId - }); - - this.popup.open(this.popupConfig); - this.popup.navigate(changePasswordUrl); - const message = await this.popup.waitForMessage({messageType: 'authorization_response'}); - this.popup.close(); - this.utils.verifyMessage({message, state}); - let authCode = message.data.code; - - await this.utils.exchangeTokens({ clientId: this.clientId, - authCode, - codeVerifier, - nonce, - openId: this.openIdConfigResource, - windowOrigin: this.window.origin + endpoint }); } @@ -281,7 +270,7 @@index.js