DEPRECATED - Migrated to https://github.com/mozilla/fxa

Перейти к файлу

Shane Tomlinson 98ffc5a933 Merge pull request #40 from mozilla/issue-6757-client-id-as-entrypoint r=@philbooth feat(metrics): Use the service name or client_id as the entrypoint if none given.		2019-01-18 10:29:16 +00:00
email	feat(email): define array of popular email domains (#18 ) r=@vladikoff	2018-04-03 09:49:35 -04:00
l10n	fix(l10n): ensure the correct language is selected in localizeTimestamp	2018-09-24 14:30:43 +01:00
metrics	feat(metrics): Use the service name or client_id as the entrypoint if none given.	2019-01-18 10:23:36 +00:00
oauth	feat(scope): Implement shareable code for checking OAuth scopes.	2018-07-20 09:50:14 +10:00
test	feat(metrics): Use the service name or client_id as the entrypoint if none given.	2019-01-18 10:23:36 +00:00
.eslintrc	chore(lint): Enforce consistent semicolon style.	2018-07-19 13:39:15 +10:00
.gitignore	feat(l10n): shared languages r=vbudhram	2016-08-12 20:03:14 -04:00
.travis.yml	feat(package): add linting	2018-04-09 08:39:57 +01:00
LICENSE	chore(license): Add MPL2 LICENSE file	2016-08-28 19:15:07 -07:00
README.md	feat(scope): Implement shareable code for checking OAuth scopes.	2018-07-20 09:50:14 +10:00
index.js	feat(scope): Implement shareable code for checking OAuth scopes.	2018-07-20 09:50:14 +10:00
package.json	chore(package): bump version to 1.0.14	2018-09-24 15:25:58 +01:00

README.md

Shared module for FxA repositories

Shared modules

l10n

supportedLanguages.json is the shared list of all supported locales across FxA

oauth

oauth.scopes provides shared logic for validating and checking OAuth scopes.

Detailed documentation on the details of FxA OAuth scope values is available from the fxa-oauth-server. This library provides some convenient APIs for working with them according to the rules described there.

Given a string containing scopes, you can parse it into a ScopeSet object from either a raw space-delimited string:

let s1 = oauth.scopes.fromString('profile:write basket');

Or directly from a url-encoded string:

let s2 = oauth.scopes.fromURLEncodedString('profile%3Aemail+profile%3Adisplay_name+clients');

Once you have a ScopeSet object, you can check whether it is sufficient to wholly imply another set:

  s1.contains('profile:email:write');          // true, implied by 'profile:write'
  s2.contains('profile:email:write');          // false
  s1.contains('profile:email:write clients');  // false, 'clients' is not in `s1`

Or whether it has any scope values in common with another set:

  s1.intersects('profile:email:write clients'); // true, 'profile:email:write' is common
  s2.intersects(s1);                            // true, 'profile:email' is common
  s2.intersects('clients:write basket');        // false, no members in common

You can filter it down to only the scope values implied by another scope:

  let s3 = oauth.scope.fromString('profile:email clients:abcd'));
  s3.filtered(s1); // 'profile:email'
  s3.filtered(s2); // 'profile:email clients:abcd'

Or you can find out what values in the set are not implied by another scope:

  s3.difference(s1); // 'clients:abcd'
  s3.difference(s2); // the empty set
  s2.difference(s3); // 'profile:display_name clients'

You can also combine multiple sets of scopes, either by generating the union as a new set:

  s1.union(s2); // 'profile:write basket clients'

Or by building up the new set in place:

  let allScopes = scopes.fromArray([]);
  allScopes.add(s1);  // now "profile:write basket"
  allScopes.add(s2);  // now "profile:write basket clients"
  allScopes.add(s3);  // now "profile:write basket clients"

Publishing new version

Install the np tool, run np [new_version_here].