-
Notifications
You must be signed in to change notification settings - Fork 11
OpenAMClient
Kind: global class
-
OpenAMClient
- new OpenAMClient(serverUrl)
-
.getServerInfo() ⇒
Promise -
.authenticate(username, password, [realm], [service], [module], [noSession]) ⇒
Promise -
.logout(sessionId) ⇒
Promise -
.validateSession(sessionId) ⇒
Promise -
.getLoginUrl(goto) ⇒
string -
.getCDSSOUrl(target, provider) ⇒
string -
.getPolicyDecision(params, sessionId, cookieName) ⇒
Promise -
.sessionServiceRequest(requestSet) ⇒
Promise -
.validateAccessToken(accessToken, [realm]) ⇒
Promise -
.getProfile(userId, realm, sessionId, cookieName) ⇒
Promise
This class is used to access OpenAM APIs.
| Param | Type | Description |
|---|---|---|
| serverUrl | string |
OpenAM server URL |
Gets the results of /json/serverinfo/*
Kind: instance method of OpenAMClient
Returns: Promise - Server info
Sends an authentication request to OpenAM. Returns Promise. The module argument overrides service. The default realm is /. If noSession is true, the credentials will be validated but no session will be created.
Kind: instance method of OpenAMClient
Returns: Promise - Authentication response
| Param | Type | Default | Description |
|---|---|---|---|
| username | string |
User name | |
| password | string |
Password | |
| [realm] | string |
"/" |
Realm |
| [service] | string |
Authentication service (i.e. chain) | |
| [module] | string |
Authentication module | |
| [noSession] | boolean |
If true, no session will be created |
Sends a logout request to OpenAM to to destroy the session identified by sessionId
Kind: instance method of OpenAMClient
Returns: Promise - Logout response
| Param | Type | Description |
|---|---|---|
| sessionId | string |
OpenAM dession ID |
Validates a given sessionId against OpenAM.
Kind: instance method of OpenAMClient
Returns: Promise - Session validation response
| Param |
|---|
| sessionId |
Returns an OpenAM login URL with the goto query parameter set to the original URL in req.
Kind: instance method of OpenAMClient
| Param | Type | Description |
|---|---|---|
| goto | string |
Target URL |
Constructs a CDSSO login URL
Kind: instance method of OpenAMClient
| Param | Type | Description |
|---|---|---|
| target | string |
Target URL |
| provider | string |
ProviderId (app URL) |
Gets policy decisions from OpenAM for params. params must be a well formatted OpenAM policy request object. It needs a valid sessionId and cookieName in order to make the request. (The user to whom the session belongs needs to have the REST calls for policy evaluation privilege in OpenAM.
Kind: instance method of OpenAMClient
Returns: Promise - Policy decision response
| Param | Type | Description |
|---|---|---|
| params | object |
Policy request params {@see https://backstage.forgerock.com/#!/docs/openam/current/dev-guide#rest-api-authz-policy-decisions} |
| sessionId | string |
OpenAM session ID |
| cookieName | string |
OpenAM session cookie name |
Sends requestSet to the SessionService. requestSet must be a properly formatted XML document.
Kind: instance method of OpenAMClient
Returns: Promise - Session service response
| Param | Type | Description |
|---|---|---|
| requestSet | object |
Session service request set |
Validates the OAuth2 access_token in the specified realm.
Kind: instance method of OpenAMClient
Returns: Promise - Token info response
| Param | Type | Default | Description |
|---|---|---|---|
| accessToken | string |
OAuth2 access_token | |
| [realm] | string |
"/" |
Gets a user's profile (requires an agent or admin session).
Kind: instance method of OpenAMClient
Returns: Promise - User profile response
| Param | Type | Description |
|---|---|---|
| userId | string |
User name |
| realm | string |
OpenAM realm name |
| sessionId | string |
a valid session ID with permissions to read user identities from the specified realm |
| cookieName | string |
OpenAM session cookie name |