Skip to main content

@nestjs-mod/authorizer

Universal javaScript SDK for Authorizer API (Wrapper for https://www.npmjs.com/package/@authorizerdev/authorizer-js)

NPM version monthly downloads Telegram Discord

Installation

npm i --save @authorizerdev/authorizer-js@2.0.0 @nestjs-mod/authorizer

Modules

LinkCategoryDescription
AuthorizerModulecoreUniversal javaScript SDK for Authorizer API

Modules descriptions

AuthorizerModule

Universal javaScript SDK for Authorizer API

Use in NestJS-mod

An approximate description of how to connect, an extended description with an example application will be next time (todo: right now I have a lot of work and don’t have time to arrange everything properly 😉)

@Controller()
export class AppController {
constructor(private readonly authorizerService: AuthorizerService) {}

@Get('get-authorizer-client-id')
@AllowEmptyUser()
getAuthorizerClientID(@CurrentAuthorizerUser() authorizerUser: AuthorizerUser) {
console.log(authorizerUser);
return this.authorizerService.config.clientID;
}
}

const { AppModule } = createNestModule({
moduleName: 'AppModule',
imports: [
AuthorizerModule.forFeature({
featureModuleName: 'AppModule',
}),
],
controllers: [AppController],
});

bootstrapNestApplication({
globalConfigurationOptions: { debug: true },
globalEnvironmentsOptions: { debug: true },
modules: {
system: [
ProjectUtils.forRoot({
staticConfiguration: {
applicationPackageJsonFile: join(appFolder, PACKAGE_JSON_FILE),
packageJsonFile: join(rootFolder, PACKAGE_JSON_FILE),
envFile: join(rootFolder, '.env'),
},
}),
DefaultNestApplicationInitializer.forRoot({
staticConfiguration: {
bufferLogs: true,
},
}),
DefaultNestApplicationListener.forRoot({
staticConfiguration: {
// When running in infrastructure mode, the backend server does not start.
mode: isInfrastructureMode() ? 'silent' : 'listen',
},
}),
],
core: [
AuthorizerModule.forRoot({
staticConfiguration: {
checkAccessValidator: async (
authorizerUser?: AuthorizerUser,
options?: CheckAccessOptions,
ctx?: ExecutionContext
) => {
if (
typeof ctx?.getClass === 'function' &&
typeof ctx?.getHandler === 'function' &&
ctx?.getClass().name === 'TerminusHealthCheckController' &&
ctx?.getHandler().name === 'check'
) {
return true;
}

return defaultAuthorizerCheckAccessValidator(authorizerUser, options);
},
},
}),
],
feature: [AppModule.forRoot()],
infrastructure: [
InfrastructureMarkdownReportGenerator.forRoot({
staticConfiguration: {
markdownFile: join(appFolder, 'INFRASTRUCTURE.MD'),
skipEmptySettings: true,
},
}),
DockerCompose.forRoot({
configuration: {
dockerComposeFileVersion: '3',
dockerComposeFile: join(appFolder, DOCKER_COMPOSE_FILE),
},
}),
DockerComposePostgreSQL.forFeature({
featureModuleName: authorizerFeatureName,
}),
DockerComposeRedis.forRoot(),
DockerComposeAuthorizer.forRoot({
staticEnvironments: {
redisUrl: '%SERVER_AUTHORIZER_INTERNAL_REDIS_URL%',
databaseUrl: '%SERVER_AUTHORIZER_INTERNAL_DATABASE_URL%',
},
staticConfiguration: {
featureName: authorizerFeatureName,
organizationName: 'OrganizationName',
dependsOnServiceNames: {
'postgre-sql-migrations': 'service_completed_successfully',
redis: 'service_healthy',
},
},
}),
],
},
});

New environment variable

SERVER_AUTHORIZER_DATABASE_URL=postgres://Yk42KA4sOb:B7Ep2MwlRR6fAx0frXGWVTGP850qAxM6@server-postgre-sql:5432/authorizer?schema=public
SERVER_AUTHORIZER_REDIS_URL=redis://:cgSOXCMczzNFkxAmDJAsoujJYpoMDuTT@server-redis:6379
SERVER_AUTHORIZER_INTERNAL_DATABASE_URL=postgres://Yk42KA4sOb:B7Ep2MwlRR6fAx0frXGWVTGP850qAxM6@server-postgre-sql:5432/authorizer
SERVER_AUTHORIZER_INTERNAL_REDIS_URL=redis://:cgSOXCMczzNFkxAmDJAsoujJYpoMDuTT@server-redis:6379

When launched in the infrastructure documentation generation mode, the module creates an .env file with a list of all required variables, as well as an example example.env, where you can enter example variable values.

Shared providers

AuthorizerService

Environments

KeyDescriptionSourcesConstraintsDefaultValue
clientIdClient IDobj['clientId'], process.env['AUTHORIZER_CLIENT_ID']optional--
authorizerURLAuthorizer URLobj['authorizerURL'], process.env['AUTHORIZER_AUTHORIZER_URL']isNotEmpty (authorizerURL should not be empty)--
redirectURLRedirect URLobj['redirectURL'], process.env['AUTHORIZER_REDIRECT_URL']isNotEmpty (redirectURL should not be empty)--
adminSecretAdmin secretobj['adminSecret'], process.env['AUTHORIZER_ADMIN_SECRET']optional--
allowedExternalAppIdsAllowed identifiers of external applications, if you have logged in previously and do not need to log in again in the authorization service, these identifiers must be private and can be used for testing.obj['allowedExternalAppIds'], process.env['AUTHORIZER_ALLOWED_EXTERNAL_APP_IDS']optional--

Static configuration

KeyDescriptionConstraintsDefaultValue
featureNameFeature name for generate prefix to environments keysoptional--
extraHeadersExtra headersoptional--
getRequestFromContextFunction for resolve request from execution contextoptionalgetRequestFromExecutionContext-
checkAccessValidatorExternal function for validate permissionsoptionaldefaultAuthorizerCheckAccessValidator-
externalUserIdHeaderNameA header for searching for an external user ID, if you have logged in previously and do not need to log in again in the authorization service, can be used during testing.optionalx-external-user-id-
externalAppIdHeaderNameHeader for searching for external application identifiers, if you have logged in previously and do not need to log in again in the authorization service, these identifiers must be private and can be used for testing.optionalx-external-app-id-
getAuthorizerUserFromExternalUserIdFunction for resolve authorizer user by externalUserIdoptionaldefaultAuthorizerGetAuthorizerUserFromExternalUserId-

Back to Top

License

MIT