Auth Lib Core


Using the Auth Lib Core

1. In the head of your HTML put:

<script src="/core.js"></script>

2. At the start of your application Javascript, initiate the Auth Lib Core:

                    identServiceUrl: "",
                    issuer: "auth-bar",
                    services: ["blockone"]
The config parameters for the Auth Lib are described below.

Auth Lib Core Parameters

identServiceUrl (Mandatory)

AuthLib.config({identServiceUrl: ""})
The location of the Auth service that Auth Lib should use

issuer (Mandatory)

AuthLib.config({issuer: "Auth-project"})
The name of the Auth project ID of your project

services (Mandatory)

AuthLib.config({services: ["Auth-project"]})
The name of the Auth project IDs of projects you want your user to be able to access

callbackUrl (Optional)

AuthLib.config({callbackUrl: ''})
Default: location.origin (I.E. it uses the current pages location)
The callback URL the user will be re-directed to after having logged in.

openNewWindow (Optional)

AuthLib.config({openNewWindow: true})
Default: true
Determines whether or not the Auth service redirect should happen in a popup window or in the original window.

openFrame (Optional)

AuthLib.config({openFrame: true})
Default: true
Determines whether or not the AUTOREDIRECT happens within a hidden iframe or not.

refreshToken (Optional)

AuthLib.config({refreshToken: false})
Default: false
If set to true, the Auth Lib will automatically refresh the users token just before it is set to expire. When this happens, you will receive another call on the tokenSet callback function.

storeTokenSession (Optional)

AuthLib.config({storeTokenSession: true})
Default: true
Determines whether or not to store the token in the user's session storage.

storeTokenLocal (Optional)

AuthLib.config({storeTokenLocal: true})
Default: true
Determines whether or not to store the token in the user's local storage.

redirectOnLogout (Optional)

AuthLib.config({redirectOnLogout: true})
Default: true
When logout of the Auth Lib is initiated, this determins whether or not the Auth Lib will redirect the user to http://[identServiceUrl]/auth/logout. Also see 'logoutCallbackUrl'.

logoutCallbackUrl (Optional)

AuthLib.config({logoutCallbackUrl: ''})
Default: null
This is the URL to redirect back to after the logout action has been completed. If none is specified, the 'callbackUrl' (above) is used.

prepopulatedToken (Optional)

AuthLib.config({prepopulatedToken: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkc3...'})
You can set this option if you have a token saved for the user and want to set it immediatly. Set a string value of the JWT token. This is generally not needed as the Auth Lib will save the user's token in session/local storage anyway.

Auth Lib Core Methods


AuthLib.login(provider, target)
Call this method to initiate the login process.
provider (Optional but recommended) - The provider you wish the user to use (gplus, twitter, safe ...). If none is provided the Auth service will use the latest token the user has or will show a list of all the providers it can use
target (Optional) - The target of the login window ('popup', 'frame', 'self')


Call this method to have the user logout and destroy the tokens/cookies/session.

Auth Lib Core Events

Note: Events can also be turned off by calling, listener)


AuthLib.on('login', (tokens) => {
                    console.log('Logged in', tokens);
Listen on this event to receive the JWT token(s) when the user has logged in. The structure will be of the form:
        dst: "Auth-project",
        exp: 1501128977,
        iat: 1501064177,
        iss: "Auth-project",
        sub: "8535cabe5-efb3-4af4-97aa-c5f90018dd11",
        sub_email: "",
        sub_gravatar: "da60004d3eb3f2abc68913700ba1b810",
        sub_name: "James Cross",
        sub_provider-id: "6047544",
        sub_provider-name: "safe",
        tid: "98015ecb-8125-4445-7be4-4fcbf34b80a5",
        token: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ"
There will be one object for each service you requested in the config section. The 'token' property is the JWT token and the other fields can help you to identify the user on the front-end.


AuthLib.on('logout', () => {
                    console.log('Logged out');
Listen on this event to know when the user has been logged out.


AuthLib.on('expired', (token) => {
                console.log('Token expired', token);
Listen on this event to know when a token has expired.


AuthLib.on('error', (msg, data) => {
                    console.error('Auth Lib error', msg, data);
Listen on this event to know when an error has occured within the Auth Lib during login or logout.


AuthLib.on('inviteReceived', (inviteToken) => {
                console.log('Invite Token Received', inviteToken);
Listen on this event to know when a user has followed an invite link to the application.