egain-ps-utils

eGain PS Utils. A utility package for eGain PS

egain-ps-utils is a collection of utility functions designed to simplify common development tasks. This package provides helpers and methods to boost your development workflow, and for the initial release (v1.0.0), we’re offering a convenient JWT authorizer utility for handling authorization-related tasks.

Features

  • validateToken: A utility function to assist with authorization checks, ensuring that only authorized users can access specific resources or perform particular actions. This validator will check for the:
      1. token expiry
      2. issuer
      3. audience
      4. certificate

    This function will return a boolean value indicating whether the token is valid or not.

  • generateAuthResponse: A utility function to assist with generating authorization responses. This will return a policy document with the effect and the methodArn.
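The claim checks and the Allow/Deny policy described in the two features above, sketched as an added example (this is not the egain-ps-utils source). The helper names `checkClaims`, `buildAuthResponse` and `decide`, the 60-second skew and the sample values are assumptions, and the certificate (signature) check is assumed to have passed already.

```javascript
// Added example: hypothetical helpers, not the egain-ps-utils source.
// `claims` must come from a JWT whose signature was already verified
// against the issuer's certificate; that step is out of scope here.
const CLOCK_SKEW_SEC = 60; // assumed tolerance for clock drift

function checkClaims(claims, expected, nowSec = Math.floor(Date.now() / 1000)) {
  const failures = [];
  // 1. Expiry: a missing or non-numeric exp is treated as expired.
  if (!Number.isFinite(claims.exp) || claims.exp + CLOCK_SKEW_SEC <= nowSec) {
    failures.push('expired');
  }
  // 2. Issuer: exact string match, no prefix or case-insensitive matching.
  if (typeof claims.iss !== 'string' || claims.iss !== expected.issuer) {
    failures.push('issuer');
  }
  // 3. Audience: RFC 7519 allows a single string or an array of strings.
  //    A missing expected audience must never match a missing aud claim.
  const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (typeof expected.audience !== 'string' || !aud.includes(expected.audience)) {
    failures.push('audience');
  }
  return { isTokenValid: failures.length === 0, failures };
}

// Standard API Gateway Lambda authorizer response shape.
function buildAuthResponse(principalId, effect, methodArn) {
  if (effect !== 'Allow' && effect !== 'Deny') {
    throw new Error(`Unsupported effect: ${effect}`);
  }
  return {
    principalId,
    policyDocument: {
      Version: '2012-10-17',
      Statement: [{ Action: 'execute-api:Invoke', Effect: effect, Resource: methodArn }],
    },
  };
}

// Fail closed: anything other than a clean pass produces Deny.
function decide(claims, expected, methodArn, nowSec) {
  let effect = 'Deny';
  try {
    if (checkClaims(claims, expected, nowSec).isTokenValid) effect = 'Allow';
  } catch (err) { /* malformed claims (e.g. null): stay on Deny */ }
  return buildAuthResponse((claims && claims.sub) || 'anonymous', effect, methodArn);
}

// Constructed sample values (not real identifiers).
const SAMPLE_EXPECTED = { audience: 'api://example-audience', issuer: 'https://idp.example.com/v2.0' };
const SAMPLE_ARN = 'arn:aws:execute-api:us-east-1:123456789012:abc123/prod/GET/items';
```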

Prerequisites

  • AWS Secrets Manager SDK v3

Create a secret in AWS Secrets Manager with the following format:

{
    "audience":"xxxx",
    "issuer":"https://xxxx.com/xxxxxx/xx.x"
}

To get the audience and issuer values, you can use the following steps:

  1. Get the Metadata.
  2. Use these values as the audience and issuer in the secret.

Usage

Step 1: Install the egain-ps-utils Package

First, install the package using either npm or yarn as described in the Installation section.

Using npm:

npm install egain-ps-utils

Using yarn:

yarn add egain-ps-utils

Step 2: Create the Processor File

In your project, create a processor.js file that will contain the logic to handle the authorization and response generation. This file will interact with the egain-ps-utils package.

const { authorizer } = require('egain-ps-utils');

const authorize = async (event) => {
  try {
    const authorization = event.headers.Authorization || event.headers.authorization; // Extract token from headers
    if (!authorization) {
      throw new Error('Authorization token is missing');
    }

    // Name of the AWS Secrets Manager secret that holds the audience and issuer
    const secretName = 'xxxxx';

    // Validate the token
    const { isTokenValid } = await authorizer.validateToken(authorization, secretName);
    if (isTokenValid) {
      return authorizer.generateAuthResponse('Allow', event.methodArn); // Allow access if the token is valid
    } else {
      return authorizer.generateAuthResponse('Deny', event.methodArn); // Deny access if the token is invalid
    }
  } catch (error) {
    console.error('Authorization error:', error);
    return authorizer.generateAuthResponse('Deny', event.methodArn); // Default Deny response in case of an error
  }
};

module.exports = { authorize };