@opengovsg/mockpass 3.1.3 → 4.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/README.md +5 -3
  2. package/lib/express/sgid.js +44 -38
  3. package/package.json +1 -1
package/README.md CHANGED
@@ -44,9 +44,11 @@ MyInfo:
44
44
  - http://localhost:5156/myinfo/v3/person
45
45
 
46
46
  sgID:
47
- - http://localhost:5156/sgid/v1/oauth/authorize
48
- - http://localhost:5156/sgid/v1/oauth/token
49
- - http://localhost:5156/sgid/v1/oauth/userinfo
47
+ - http://localhost:5156/v2/oauth/authorize
48
+ - http://localhost:5156/v2/oauth/token
49
+ - http://localhost:5156/v2/oauth/userinfo
50
+ - http://localhost:5156/v2/.well-known/openid-configuration - OpenID discovery endpoint
51
+ - http://localhost:5156/v2/.well-known/jwks.json - JWKS endpoint which exposes the auth provider's signing keys
50
52
 
51
53
  Provide your application with the `spcp*` certs found in `static/certs`
52
54
  and with application certs at `static/certs/{key.pem|server.crt}`
package/lib/express/sgid.js CHANGED
@@ -12,7 +12,9 @@ const LOGIN_TEMPLATE = fs.readFileSync(
12
12
  'utf8',
13
13
  )
14
14
 
15
- const PATH_PREFIX = '/sgid/v1/oauth'
15
+ const VERSION_PREFIX = '/v2'
16
+ const OAUTH_PREFIX = '/oauth'
17
+ const PATH_PREFIX = VERSION_PREFIX + OAUTH_PREFIX
16
18
 
17
19
  const signingPem = fs.readFileSync(
18
20
  path.resolve(__dirname, '../../static/certs/spcp-key.pem'),
@@ -77,7 +79,7 @@ function config(app, { showLoginPage, serviceProvider }) {
77
79
  `Profile ${JSON.stringify(profile)} with token scope ${scopes}`,
78
80
  )
79
81
  const accessToken = authCode
80
- const iss = `${req.protocol}://${req.get('host')}`
82
+ const iss = `${req.protocol}://${req.get('host') + VERSION_PREFIX}`
81
83
 
82
84
  const { idTokenClaims, refreshToken } = assertions.oidc.create.singPass(
83
85
  profile,
@@ -149,6 +151,7 @@ function config(app, { showLoginPage, serviceProvider }) {
149
151
  data[name] = myInfoFields[index]
150
152
  })
151
153
  data['myinfo.nric_number'] = encryptedNric
154
+ data['openid'] = uuid
152
155
  const encryptionKey = await jose.JWK.asKey(serviceProvider.pubKey, 'pem')
153
156
 
154
157
  const plaintextPayloadKey = JSON.stringify(payloadKey.toJSON(true))
@@ -165,49 +168,52 @@ function config(app, { showLoginPage, serviceProvider }) {
165
168
  })
166
169
  })
167
170
 
168
- app.get('/.well-known/jwks.json', async (_req, res) => {
171
+ app.get(`${VERSION_PREFIX}/.well-known/jwks.json`, async (_req, res) => {
169
172
  const key = await jose.JWK.asKey(signingPem, 'pem')
170
173
  const jwk = key.toJSON()
171
174
  jwk.use = 'sig'
172
175
  res.json({ keys: [jwk] })
173
176
  })
174
177
 
175
- app.get('/.well-known/openid-configuration', async (req, res) => {
176
- const issuer = `${req.protocol}://${req.get('host')}`
178
+ app.get(
179
+ `${VERSION_PREFIX}/.well-known/openid-configuration`,
180
+ async (req, res) => {
181
+ const issuer = `${req.protocol}://${req.get('host') + VERSION_PREFIX}`
177
182
 
178
- res.json({
179
- issuer,
180
- authorization_endpoint: `${issuer}/${PATH_PREFIX}/authorize`,
181
- token_endpoint: `${issuer}/${PATH_PREFIX}/token`,
182
- userinfo_endpoint: `${issuer}/${PATH_PREFIX}/userinfo`,
183
- jwks_uri: `${issuer}/.well-known/jwks.json`,
184
- response_types_supported: ['code'],
185
- grant_types_supported: ['authorization_code'],
186
- // Note: some of these scopes are not yet officially documented
187
- // in https://docs.id.gov.sg/data-catalog
188
- // So they are not officially supported yet.
189
- scopes_supported: [
190
- 'openid',
191
- 'myinfo.nric_number',
192
- 'myinfo.name',
193
- 'myinfo.email',
194
- 'myinfo.sex',
195
- 'myinfo.race',
196
- 'myinfo.mobile_number',
197
- 'myinfo.registered_address',
198
- 'myinfo.date_of_birth',
199
- 'myinfo.passport_number',
200
- 'myinfo.passport_expiry_date',
201
- 'myinfo.nationality',
202
- 'myinfo.residentialstatus',
203
- 'myinfo.residential',
204
- 'myinfo.housingtype',
205
- 'myinfo.hdbtype',
206
- ],
207
- id_token_signing_alg_values_supported: ['RS256'],
208
- subject_types_supported: ['pairwise'],
209
- })
210
- })
183
+ res.json({
184
+ issuer,
185
+ authorization_endpoint: `${issuer}/${OAUTH_PREFIX}/authorize`,
186
+ token_endpoint: `${issuer}/${OAUTH_PREFIX}/token`,
187
+ userinfo_endpoint: `${issuer}/${OAUTH_PREFIX}/userinfo`,
188
+ jwks_uri: `${issuer}/.well-known/jwks.json`,
189
+ response_types_supported: ['code'],
190
+ grant_types_supported: ['authorization_code'],
191
+ // Note: some of these scopes are not yet officially documented
192
+ // in https://docs.id.gov.sg/data-catalog
193
+ // So they are not officially supported yet.
194
+ scopes_supported: [
195
+ 'openid',
196
+ 'myinfo.nric_number',
197
+ 'myinfo.name',
198
+ 'myinfo.email',
199
+ 'myinfo.sex',
200
+ 'myinfo.race',
201
+ 'myinfo.mobile_number',
202
+ 'myinfo.registered_address',
203
+ 'myinfo.date_of_birth',
204
+ 'myinfo.passport_number',
205
+ 'myinfo.passport_expiry_date',
206
+ 'myinfo.nationality',
207
+ 'myinfo.residentialstatus',
208
+ 'myinfo.residential',
209
+ 'myinfo.housingtype',
210
+ 'myinfo.hdbtype',
211
+ ],
212
+ id_token_signing_alg_values_supported: ['RS256'],
213
+ subject_types_supported: ['pairwise'],
214
+ })
215
+ },
216
+ )
211
217
  }
212
218
 
213
219
  const concatMyInfoRegAddr = (regadd) => {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@opengovsg/mockpass",
3
- "version": "3.1.3",
3
+ "version": "4.0.1",
4
4
  "description": "A mock SingPass/CorpPass server for dev purposes",
5
5
  "main": "index.js",
6
6
  "bin": {