npm - @oslokommune/auth-bff - Versions diffs - 2.0.0-beta2 → 2.0.0-beta3 - Mend

@oslokommune/auth-bff 2.0.0-beta2 → 2.0.0-beta3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/README.md +110 -6
package/dist/package.json +1 -1
package/dist/src/config.d.ts +1 -1
package/dist/src/vite-plugin.d.ts +2 -7
package/dist/src/vite-plugin.d.ts.map +1 -1
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -60,9 +60,51 @@ npm install -g @oslokommune/auth-bff
 auth-bff
 ```
+## Running in Docker
+When running in docker you should specify the version to use, and make sure it matches the one used in package.json.
+Example dockerfile:
+```dockerfile
+FROM node:23-alpine AS base
+FROM base AS react-build
+WORKDIR /home/react
+COPY package*.json /home/react
+RUN npm install
+COPY . ./
+RUN npm run build
+FROM base
+WORKDIR /application
+EXPOSE 8080
+COPY --from=react-build /home/react/dist /application/dist
+ENV NODE_ENV=production
+RUN npm install -g @oslokommune/auth-bff@2.0.0-beta3
+COPY bff.config.json /application/
+CMD ["auth-bff"]
+```
+To use different configuration for different environments, you can create separate config files for each and select it at build time (using build args).
+For example, with `bff.config.dev.json` and `bff.config.prod.json`:
+```dockerfile
+ARG ENVIRONMENT=''
+COPY bff.config.${ENVIRONMENT}.json /application/bff.config.json
+CMD ["auth-bff"]
+```
+Or select it at runtime, using an env var:
+```dockerfile
+COPY bff.config*.json /application/
+CMD exec auth-bff --configFile bff.config.${ENVIRONMENT}.json
+```
 ## Configuration
-Configuration is set in json-files that look like this:
+Configuration is defined in json-files that look like this:
 ```json
 {
@@ -81,7 +123,7 @@ Configuration is set in json-files that look like this:
 }
 ```
-By default it looks for a file named `bff.config.json`. But this can be overridden:
+By default it looks for a file named `bff.config.json`, but this can be overridden:
 Vite:
@@ -118,9 +160,9 @@ AWS Parameter store:
 This loads from the configured AWS environment. For this to work on your local machine the `AWS_PROFILE` environment
 variable must be set, and you must be signed in to that profile
-See [config.ts](src/config.ts) description of all config parameters
+ℹ️ [See `config.ts` for a description of all config parameters](src/config.ts)
-### Using with ID-porten (via `okdata`):
+## Using with ID-porten (via `okdata`):
 `auth-bff` Has special support for keys generated by [`okdata`](https://github.com/oslokommune/okdata-cli).
@@ -214,6 +256,16 @@ resource "aws_dynamodb_table" "session_dynamodb_table" {
 }
 ```
+Then remember to update the config to use the new table:
+```json
+{
+  "sessionStoreOptions": {
+    "table": "myteam-dev-myservice-sessions"
+  }
+}
+```
 The read/write limits above are just an example, and can be changed/removed
 ## Required AWS permissions
@@ -233,8 +285,60 @@ dynamodb:Scan
 dynamodb:UpdateItem
 ```
-## React AuthContext
+## React component
+This package also includes a React component for handling authentication state. It will redirect to login if required
+and optionally automatically poll for changes to authentication state.
+### AuthContextProvider
+```tsx
+import {AuthContextProvider} from "@oslokommune/auth-bff/react";
+import {PktLoader} from "@oslokommune/punkt-react";
+const fiveMinutes = 5 * 60 * 1000;
+<AuthContextProvider authRequired={true} loaderComponent={<PktLoader/>} pollInterval={fiveMinues}>
+  <App/>
+</AuthContextProvider>
+```
+| Option         | Description                                                                                                                                           |
+|----------------|-------------------------------------------------------------------------------------------------------------------------------------------------------|
+| authRequired   | Whether authentication is required. If true, will redirect to login before rendering child components (default: true)                                 |
+| loaderComponent | React component to display while loading auth state. (default: null)                                                                                  |
+| baseUrl        | Must be set to the same baseUrl as in the json config for login/logout to work correctly (default: '')                                                |
+| pollInterval   | Minimum interval in milliseconds between checks if session is still active. Will set authState to 'expired' if session is expired (default: disabled) |
+### useAuthContext
+Hook to get current AuthState. Must be called in a component inside the AuthContextProvider.
+```tsx
+import {useAuthContext} from "@oslokommune/auth-bff/react";
-This package also includes a React component for handling authentication state
+const {user, authState, login} = useAuthContext()
+if(authState === 'authenticated') {
+  console.log(`Hello, ${user.pid}`)
+} else {
+  login()
+}
+```
+| Property  | Description                                                                                                                                                      |
+|-----------|------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| user      | The currently logged in user, or null if not logged in. User object contains the id_token claims returned from the usr endpoint. See config option `userClaims`. |
+| login     | Function that will redirect to the login endpoint when invoked                                                                                                   |
+| logout    | Function that will redirect to the logout endpoint when invoked                                                                                                  |
+| authState | Current auth state. See table below for values                                                                                                                   |                                                                                                                                              |                                                                                                                                                         |
+#### AuthState
+| Value           | Description                                                                                                      |
+|-----------------|------------------------------------------------------------------------------------------------------------------|
+| pending         | Initial value before auth state has been determined                                                              |
+| authenticated   | User is authenticated.                                                                                           |
+| unauthenticated | User is not authenticated                                                                                        |
+| expired         | User was authenticated, but the session has expired. Can be used to display message to user or redirect to login |                                                                                                                                              |                                                                                                                                                         |
+| error           | Failed to determine auth state                                                                                   |                                                                                                                                              |                                                                                                                                                         |

package/dist/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "@oslokommune/auth-bff",
-    "version": "2.0.0-beta2",
+    "version": "2.0.0-beta3",
     "repository": "https://github.com/oslokommune/auth-bff.git",
     "publishConfig": {
         "access": "public"

package/dist/src/config.d.ts CHANGED Viewed

@@ -98,7 +98,7 @@ export type BffConfig = {
         [path: string]: string;
     };
     /**
-     * List of claims in the access token that are returned by the /user-endpoint. By default all are returned
+     * List of claims in the id_token that are returned by the /user-endpoint. By default all are returned
      *
      * Example: `["pid"]`
      */

package/dist/src/vite-plugin.d.ts CHANGED Viewed

@@ -1,10 +1,5 @@
-import { ViteDevServer } from 'vite';
+import { Plugin } from 'vite';
 export default function bff({ configFile }?: {
     configFile?: string;
-}): {
-    name: string;
-    apply: string;
-    configureServer: ({ middlewares }: ViteDevServer) => Promise<void>;
-    configurePreviewServer: ({ middlewares }: ViteDevServer) => Promise<void>;
-};
+}): Plugin;
 //# sourceMappingURL=vite-plugin.d.ts.map

package/dist/src/vite-plugin.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"vite-plugin.d.ts","sourceRoot":"","sources":["../../src/vite-plugin.ts"],"names":[],"mappings":"AAGA,OAAO,~~EAAC~~,~~aAAa~~,EAAC,MAAM,MAAM,CAAA;~~AAsBlC~~,MAAM,CAAC,OAAO,UAAU,GAAG,CAAC,EAAC,UAAU,EAAC,GAAE;IAAC,UAAU,CAAC,EAAE,MAAM,CAAA;CAAM~~;;;uCAnBrC~~,~~aAAa;8CAAb~~,~~aAAa;EA0B3C~~"}
1	+ {"version":3,"file":"vite-plugin.d.ts","sourceRoot":"","sources":["../../src/vite-plugin.ts"],"names":[],"mappings":"AAGA,OAAO,EAAgB,MAAM,EAAC,MAAM,MAAM,CAAA;AAsB1C,MAAM,CAAC,OAAO,UAAU,GAAG,CAAC,EAAC,UAAU,EAAC,GAAE;IAAC,UAAU,CAAC,EAAE,MAAM,CAAA;CAAM,GAAG,MAAM,CAO5E"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@oslokommune/auth-bff",
-  "version": "2.0.0-beta2",
+  "version": "2.0.0-beta3",
   "repository": "https://github.com/oslokommune/auth-bff.git",
   "publishConfig": {
     "access": "public"