DEPRECATED - Migrated to https://github.com/mozilla/fxa
Перейти к файлу
Ryan Kelly a46a5f730a 1.0.13 2018-07-23 15:34:44 +10:00
email feat(email): define array of popular email domains (#18) r=@vladikoff 2018-04-03 09:49:35 -04:00
l10n chore(lint): Enforce consistent semicolon style. 2018-07-19 13:39:15 +10:00
metrics chore(lint): Enforce consistent semicolon style. 2018-07-19 13:39:15 +10:00
oauth feat(scope): Implement shareable code for checking OAuth scopes. 2018-07-20 09:50:14 +10:00
test feat(scope): Implement shareable code for checking OAuth scopes. 2018-07-20 09:50:14 +10:00
.eslintrc chore(lint): Enforce consistent semicolon style. 2018-07-19 13:39:15 +10:00
.gitignore feat(l10n): shared languages r=vbudhram 2016-08-12 20:03:14 -04:00
.travis.yml feat(package): add linting 2018-04-09 08:39:57 +01:00
LICENSE chore(license): Add MPL2 LICENSE file 2016-08-28 19:15:07 -07:00
README.md feat(scope): Implement shareable code for checking OAuth scopes. 2018-07-20 09:50:14 +10:00
index.js feat(scope): Implement shareable code for checking OAuth scopes. 2018-07-20 09:50:14 +10:00
package.json 1.0.13 2018-07-23 15:34:44 +10:00

README.md

Shared module for FxA repositories

Shared modules

l10n

supportedLanguages.json is the shared list of all supported locales across FxA

oauth

oauth.scopes provides shared logic for validating and checking OAuth scopes.

Detailed documentation on the details of FxA OAuth scope values is available from the fxa-oauth-server. This library provides some convenient APIs for working with them according to the rules described there.

Given a string containing scopes, you can parse it into a ScopeSet object from either a raw space-delimited string:

let s1 = oauth.scopes.fromString('profile:write basket');

Or directly from a url-encoded string:

let s2 = oauth.scopes.fromURLEncodedString('profile%3Aemail+profile%3Adisplay_name+clients');

Once you have a ScopeSet object, you can check whether it is sufficient to wholly imply another set:

  s1.contains('profile:email:write');          // true, implied by 'profile:write'
  s2.contains('profile:email:write');          // false
  s1.contains('profile:email:write clients');  // false, 'clients' is not in `s1`

Or whether it has any scope values in common with another set:

  s1.intersects('profile:email:write clients'); // true, 'profile:email:write' is common
  s2.intersects(s1);                            // true, 'profile:email' is common
  s2.intersects('clients:write basket');        // false, no members in common

You can filter it down to only the scope values implied by another scope:

  let s3 = oauth.scope.fromString('profile:email clients:abcd'));
  s3.filtered(s1); // 'profile:email'
  s3.filtered(s2); // 'profile:email clients:abcd'

Or you can find out what values in the set are not implied by another scope:

  s3.difference(s1); // 'clients:abcd'
  s3.difference(s2); // the empty set
  s2.difference(s3); // 'profile:display_name clients'

You can also combine multiple sets of scopes, either by generating the union as a new set:

  s1.union(s2); // 'profile:write basket clients'

Or by building up the new set in place:

  let allScopes = scopes.fromArray([]);
  allScopes.add(s1);  // now "profile:write basket"
  allScopes.add(s2);  // now "profile:write basket clients"
  allScopes.add(s3);  // now "profile:write basket clients"

Publishing new version

Install the np tool, run np [new_version_here].

Used by: