ServiceAuthorizationMiddleware
| Param | Type | Description |
|---|---|---|
Extract and authorize token using the provided auth params
| Param | Type | Description |
|---|---|---|
Error handler for errors thrown by ServiceAuthorizationMiddleware
Will handle telling IMSG to redirect unauthorized requests, but will pass on any other errors to next()
| Param | Type | Description |
|---|---|---|
The type definition of the full auhtorization object with all parameters.
Passed to the authorize function.
Properties
The type definition of the access rule.
Passed to the authorize function within the object as a list of access rules.
All properties are optional, but at least one must exist
Properties
Type defintion of the authorization mode.
SERVICE_ADMIN_ENDPOINT - Authorization validates if you are a service admin and have a valid token. Either accessed or thrown out.
OPEN_ENDPOINT - Authorization validates if you have a valid token and lets you through to the open endpoint. Either accessed or thrown out.
Either SERVICE_ADMIN_ENDPOINT or OPEN_ENDPOINT
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
options
Object
Required -
options.serviceTokenSignSecret
string
Required - Secret to validate token signature against
authParams
FullAuthorizationParameters | AuthorizationMode
Required - Authorization parameters to pass to
err
Object
Express err
req
Object
Required - Express req
res
Object
Required - Express res
next
function
Required - Express next
onPreAuth
function
Function to run before authorize is called
org
string | function | Boolean
Required - Organiztion to authorize against
accessRules
Array.<AccessRule>
Optional access rules to authorize against
suppressLoginTrigger
Boolean
If true, do not redirect failed authorization to login
unit
string | function
Unit that should match token
permission
string | function
Permission that should match token
sub
string | function
Subject that should match token