@eduzz/miau-client 1.4.1 → 1.4.2-rc.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.turbo/turbo-build$colon$types.log +1 -1
- package/README.md +143 -0
- package/package.json +1 -1
package/README.md
ADDED
|
@@ -0,0 +1,143 @@
|
|
|
1
|
+
# @eduzz/miau-client
|
|
2
|
+
|
|
3
|
+
Node.js client for the Eduzz Miau authentication and authorization service. Includes Express and Fastify middleware for automatic request validation.
|
|
4
|
+
|
|
5
|
+
## Installation
|
|
6
|
+
|
|
7
|
+
```bash
|
|
8
|
+
npm install @eduzz/miau-client
|
|
9
|
+
```
|
|
10
|
+
|
|
11
|
+
## Usage
|
|
12
|
+
|
|
13
|
+
```typescript
|
|
14
|
+
import { MiauClient } from '@eduzz/miau-client';
|
|
15
|
+
|
|
16
|
+
const client = new MiauClient({
|
|
17
|
+
apiUrl: 'https://your-miau-api-url',
|
|
18
|
+
appSecret: 'your-app-secret',
|
|
19
|
+
});
|
|
20
|
+
|
|
21
|
+
const token = await client.getToken();
|
|
22
|
+
```
|
|
23
|
+
|
|
24
|
+
## Example
|
|
25
|
+
|
|
26
|
+
```typescript
|
|
27
|
+
import { MiauClient } from '@eduzz/miau-client';
|
|
28
|
+
|
|
29
|
+
const MIAU_API_URL = process.env.MIAU_API_URL!;
|
|
30
|
+
const MIAU_APP_SECRET = process.env.MIAU_APP_SECRET!;
|
|
31
|
+
const YOUR_API_URL = process.env.YOUR_API_URL || 'https://your-api.example.com';
|
|
32
|
+
|
|
33
|
+
const miau = new MiauClient({ apiUrl: MIAU_API_URL, appSecret: MIAU_APP_SECRET });
|
|
34
|
+
const token = await miau.getToken();
|
|
35
|
+
|
|
36
|
+
const response = await fetch(`${YOUR_API_URL}/your/endpoint`, {
|
|
37
|
+
headers: { Authorization: `Bearer ${token}` },
|
|
38
|
+
});
|
|
39
|
+
|
|
40
|
+
const data = await response.json();
|
|
41
|
+
console.log(JSON.stringify(data, null, 2));
|
|
42
|
+
```
|
|
43
|
+
|
|
44
|
+
## Express Middleware
|
|
45
|
+
|
|
46
|
+
Validates incoming requests using Miau tokens and checks permissions automatically.
|
|
47
|
+
|
|
48
|
+
```typescript
|
|
49
|
+
import express from 'express';
|
|
50
|
+
import { MiauClient } from '@eduzz/miau-client';
|
|
51
|
+
|
|
52
|
+
const app = express();
|
|
53
|
+
const miau = new MiauClient({ apiUrl: MIAU_API_URL, appSecret: MIAU_APP_SECRET });
|
|
54
|
+
|
|
55
|
+
app.use(miau.middleware());
|
|
56
|
+
|
|
57
|
+
app.get('/your/endpoint', (req, res) => {
|
|
58
|
+
// req.miauApplication - the authenticated application
|
|
59
|
+
// req.miauMetadata - permission metadata
|
|
60
|
+
res.json({ app: req.miauApplication });
|
|
61
|
+
});
|
|
62
|
+
```
|
|
63
|
+
|
|
64
|
+
With custom request augmentation:
|
|
65
|
+
|
|
66
|
+
```typescript
|
|
67
|
+
app.use(
|
|
68
|
+
miau.middleware({
|
|
69
|
+
requestAugmentation: ({ req, app, meta }) => {
|
|
70
|
+
// Attach custom data to the request
|
|
71
|
+
},
|
|
72
|
+
fallbackMiddleware: (req, res, next) => {
|
|
73
|
+
// Called when token is missing/malformed (400 errors)
|
|
74
|
+
next();
|
|
75
|
+
},
|
|
76
|
+
})
|
|
77
|
+
);
|
|
78
|
+
```
|
|
79
|
+
|
|
80
|
+
## Fastify Hook
|
|
81
|
+
|
|
82
|
+
```typescript
|
|
83
|
+
import Fastify from 'fastify';
|
|
84
|
+
import { MiauClient } from '@eduzz/miau-client';
|
|
85
|
+
|
|
86
|
+
const app = Fastify();
|
|
87
|
+
const miau = new MiauClient({ apiUrl: MIAU_API_URL, appSecret: MIAU_APP_SECRET });
|
|
88
|
+
|
|
89
|
+
app.addHook('preHandler', miau.hook());
|
|
90
|
+
|
|
91
|
+
app.get('/your/endpoint', async (request, reply) => {
|
|
92
|
+
// request.miauApplication - the authenticated application
|
|
93
|
+
// request.miauMetadata - permission metadata
|
|
94
|
+
return { app: request.miauApplication };
|
|
95
|
+
});
|
|
96
|
+
```
|
|
97
|
+
|
|
98
|
+
## API
|
|
99
|
+
|
|
100
|
+
### `new MiauClient({ apiUrl, appSecret })`
|
|
101
|
+
|
|
102
|
+
Creates a new client instance.
|
|
103
|
+
|
|
104
|
+
| Parameter | Type | Description |
|
|
105
|
+
|------------|----------|------------------------------|
|
|
106
|
+
| `apiUrl` | `string` | Miau API base URL |
|
|
107
|
+
| `appSecret`| `string` | Application secret from Miau |
|
|
108
|
+
|
|
109
|
+
### `client.getToken(): Promise<string>`
|
|
110
|
+
|
|
111
|
+
Returns a valid JWT access token. Tokens are cached in memory and automatically refreshed when they are within 60 seconds of expiration.
|
|
112
|
+
|
|
113
|
+
### `client.getTokenData(): Promise<MiauClientToken>`
|
|
114
|
+
|
|
115
|
+
Returns the decoded token payload.
|
|
116
|
+
|
|
117
|
+
### `client.getEnvironment(): SecretEnv`
|
|
118
|
+
|
|
119
|
+
Returns the environment extracted from the app secret (e.g. `production`, `staging`).
|
|
120
|
+
|
|
121
|
+
### `client.getPublicKey(kid: string): Promise<string>`
|
|
122
|
+
|
|
123
|
+
Fetches and caches the public key for the given key ID from the JWKS endpoint.
|
|
124
|
+
|
|
125
|
+
### `client.verify(token: string, publicKey: string): Promise<MiauClientToken>`
|
|
126
|
+
|
|
127
|
+
Verifies a JWT token using the provided public key (RS256).
|
|
128
|
+
|
|
129
|
+
### `client.hasPermission(sourceAppId: string, resource: Resource): Promise<HasPermissionResponse>`
|
|
130
|
+
|
|
131
|
+
Checks if a source application has permission to access a given resource.
|
|
132
|
+
|
|
133
|
+
### `client.middleware(config?): RequestHandler`
|
|
134
|
+
|
|
135
|
+
Returns an Express middleware that authenticates requests and checks permissions.
|
|
136
|
+
|
|
137
|
+
### `client.hook(config?): FastifyHook`
|
|
138
|
+
|
|
139
|
+
Returns a Fastify `preHandler` hook that authenticates requests and checks permissions.
|
|
140
|
+
|
|
141
|
+
## Requirements
|
|
142
|
+
|
|
143
|
+
- Node.js >= 18
|