npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

passport-adobe-oauth2

v1.0.1

Published

Adobe OAuth 2.0 authentication strategy for Passport.

Downloads

469

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

audreyesoaudreyesocarynbearcarynbearddragosdddragosdpurplecabbagepurplecabbage

Keywords

passportadobeoauth2authauthenticationidentity

Readme

Passport-Adobe-OAuth2

Passport strategy for authenticating users with an AdobeId using the OAuth 2.0 API.

This module lets you authenticate using Adobe Identity Management Services (IMS) in your Node.js applications. By plugging into Passport, AdobeId authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.

Adobe Authentication - Getting Started

Install

$ npm install passport-adobe-oauth2

Usage

Create an integration on Adobe Console

You need to set up OAuth web credentials for Creative SDK to use the sample.

  • Select "Web" for the platform
  • For the default redirect URI:
    • https:// + some domain name + :3000 + /auth/adobe/callback
    • For example: https://www.example.net:3000/auth/adobe/callback
  • Input a corresponding redirect URI pattern.
    • For example: https://www\.example\.net/auth/adobe/callback

Configure Strategy

The Adobe authentication strategy authenticates users using an Adobe ID account and OAuth 2.0 tokens. The strategy requires a verify callback, which accepts these credentials and calls done providing a user, as well as options specifying a client ID, client secret, and callback URL.

    // You should modify the following values to match your own application
    var ADOBE_STRATEGY_CONFIG = {
        clientID: "Insert Adobe Client ID Here",
        clientSecret: "Insert Adobe Client Secret Here",
        callbackURL: "https://www.example.net:3000/auth/adobe/callback"
    };

    // Use the AdobeStrategy within Passport.
    // Strategies in Passport require a `verify` function, which accepts credentials
    // (in this case, an accessToken, refreshToken, and Adobe profile)
    // and invoke a callback with a user object.
    passport.use(new AdobeStrategy(ADOBE_STRATEGY_CONFIG,
        function (accessToken, refreshToken, profile, done) {
            //verify function below
            // asynchronous verification, for effect...
            process.nextTick(function () {
                // To keep the example simple, the user's Adobe profile is returned to
                // represent the logged-in user.  In a typical application, you would want
                // to associate the Adobe account with a user record in your database,
                // and return that user instead.
                // var  userId = profile.userId || profile.sub;
                return done(null, profile);
            });
        }
    ));

Authenticate Requests

Use passport.authenticate(), specifying the 'adobe' strategy, to authenticate requests.

For example, as route middleware in an Express application:

    app.get('/auth/adobe/login.html',
      passport.authenticate('adobe'));

    app.get('/auth/adobe/callback',
      passport.authenticate('adobe', { failureRedirect: '/login' }),
      function(req, res) {
        // Successful authentication, redirect home.
        res.redirect('/');
      });

Example

The source repo contains a very basic example application you can run on your machine. Here's how to get it up and running:

Step 1: Create an integration on Adobe Console

You need to set up OAuth web credentials for Creative SDK to use the sample.

  • Select "Web" for the platform
  • For the default redirect URI:
    • https:// + some domain name + :3000 + /auth/adobe/callback
    • For example: https://www.example.net:3000/auth/adobe/callback
  • Input a corresponding redirect URI pattern.
    • For example: https://www\.example\.net/auth/adobe/callback

Step 2: Create a self-signed SSL certificate to run a local https server

Because we are only running this locally and in non-production mode, we can secure the server connection with a self-signed SSL cert. This can be done via openssl.

Make sure the openssl library is installed by checking the path

$ which openssl

Install if necessary: MacOSX Homebrew, Windows

In the example directory, generate your cert and private key files: server.key and server.crt. The challenge password is used for certificate revocation-- you can leave this empty for the example

$ cd example
$ openssl genrsa -des3 -passout pass:x -out server.pass.key 2048
$ openssl rsa -passin pass:x -in server.pass.key -out server.key
writing RSA key
$ rm server.pass.key
$ openssl req -new -key server.key -out server.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
...
A challenge password []:
...
$ openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt

Step 3: Override DNS records to redirect to local host

Open and edit the hosts file with admin rights.

  • for MacOSX and Ubuntu: sudo open /etc/hosts
  • for Windows (8, 8.1, 10): Run notepad as Administrator. File->Open c:\windows\system32\drivers\etc\hosts

Add a record on a new line to alias the redirect domain to your local host ip address

127.0.0.1       www.example.net

Step 4: Edit the app.js file in the example

Open and edit the example/app.js file. Fill the following variable to match the integration you created on the console

var ADOBE_CLIENT_ID = "..."
var ADOBE_CLIENT_SECRET = "..."
var REDIRECT_URI = "..."

Step 5: Run the sample

Go into the example folder and run

$ npm install
$ npm start

Then open in your browser

https://www.example.net:3000/auth/adobe/login.html

Replacing www.example.net with whatever redirect domain you chose. You may be prompted with an insecure website warning. Proceed anyway.

Tests

$ npm test

Credits

This strategy is based on Jared Hanson's GitHub strategy for passport:

License

Apache License, Version 2.0

Copyright (c) 2014 - present Adobe Systems Incorporated. All rights reserved.