1 | # Node SDK for Anvil Connect
|
2 |
|
3 | **[Anvil Connect](https://github.com/anvilresearch/connect)** aims to be a scalable, full-featured, ready-to-run [**OpenID Connect**](http://openid.net/connect/) + [**OAuth 2.0**](http://tools.ietf.org/html/rfc6749) **Provider**. This package is a Nodejs client.
|
4 |
|
5 |
|
6 | ### Install
|
7 |
|
8 | ```bash
|
9 | $ npm install anvil-connect-nodejs --save
|
10 | ```
|
11 |
|
12 | ### Usage
|
13 |
|
14 | Configuration example:
|
15 |
|
16 | ```javascript
|
17 | var anvil = require('anvil-connect-nodejs');
|
18 |
|
19 | anvil.configure({
|
20 | provider: {
|
21 | uri: 'https://your.authorization.server',
|
22 | key: '/path/to/public.key.pem'
|
23 | },
|
24 | client: {
|
25 | id: 'uuid',
|
26 | token: 'client.jwt.access.token'
|
27 | },
|
28 | params: {
|
29 | redirectUri: 'https://your.client.tld/callback'
|
30 | }
|
31 | });
|
32 | ```
|
33 |
|
34 |
|
35 | ### Protecting Services
|
36 |
|
37 | This package includes Connect/Express/Restify compatible middleware for authenticating access tokens issued by Anvil Connect and enforcing authorization based on OAuth 2.0 scope.
|
38 |
|
39 | This middleware can be used as route specific middleware...
|
40 |
|
41 | ```javascript
|
42 | var authorize = anvil.verify({ scope: 'research' });
|
43 |
|
44 | server.post('/protected', authorize, function (req, res, next) {
|
45 | // handle the request
|
46 | });
|
47 | ```
|
48 |
|
49 | ...or to protect the entire server:
|
50 |
|
51 | ```javascript
|
52 | server.use(anvil.verify({ scope: 'research' }));
|
53 | ```
|
54 |
|