Releases · commercelayer/commercelayer-js-auth

15 Apr 15:53

commercelayer-ci

v6.0.1

d9e3fb1

v6.0.1

What's Changed

🐛 Bug Fix

The encodeBase64URLSafe method replaces the base64 instead of the payload by @marcomontalbano in #75

📝 Documentation

Update README by @sfiorucci in #74

Full Changelog: v6.0.0...v6.0.1

Contributors

marcomontalbano and sfiorucci

Assets 2

26 Mar 17:35

commercelayer-ci

v6.0.0

1a76499

v6.0.0

What's Changed

💥 Breaking Change

New auth endpoint by @marcomontalbano in #68

🚀 Enhancement

Add an helper to decode the JWT by @marcomontalbano in #69
Add support to JWT Bearer by @marcomontalbano in #71
Add revoke method by @marcomontalbano in #72

📝 Documentation

Add custom header types by @marcomontalbano in #70

💥 Breaking changes

This library now uses the new https://auth.commercelayer.io/oauth/token endpoint. We unified core and provisioning into a single authenticate method.

# no more valid
-  import { provisioning } from '@commercelayer/js-auth'

# no more valid
-  import { core } from '@commercelayer/js-auth'

# new syntax
+ import { authenticate } from '@commercelayer/js-auth'

Examples

Core authentication

import { authenticate } from '@commercelayer/js-auth'

const auth = await authenticate('client_credentials', {
  clientId: '{{ client_id }}',
  scope: 'market:id:1234'
})

Provisioning authentication

Read more about how to get the client id and secret.

import { authenticate } from '@commercelayer/js-auth'

const auth = await authenticate('client_credentials', {
  clientId: '{{ client_id }}',
  clientSecret: '{{ client_secret }}',
})

Typescript

import { authenticate, type AuthenticateOptions } from '@commercelayer/js-auth'

const options: AuthenticateOptions<'client_credentials'> = {
  clientId: '{{ client_id }}',
  scope: 'market:id:1234'
}

const auth = await authenticate('client_credentials', options)

Decode an access token

We added an helper method to decode an access token:

import { authenticate, jwtDecode, jwtIsSalesChannel } from '@commercelayer/js-auth'

const auth = await authenticate('client_credentials', {
  clientId: '{{ application_client_id }}',
  scope: '{{ application_scope }}'
})

const decodedJWT = jwtDecode(auth.accessToken)

if (jwtIsSalesChannel(decodedJWT.payload)) {
  console.log('organization slug is', decodedJWT.payload.organization.slug)
}

JWT bearer flow

JWT Bearer flow allows a client application to obtain an access token using a JSON Web Token (JWT) assertion.

We added support to the JWT bearer flow by introducing a new createAssertion method:

const assertion = await createAssertion({
  payload: {
    'https://commercelayer.io/claims': {
      owner: {
        type: 'Customer',
        id: '4tepftJsT2'
      },
      custom_claim: {
        customer: {
          first_name: 'John',
          last_name: 'Doe'
        }
      }
    }
  }
})

Once you created the assertion you can get an access token using the urn:ietf:params:oauth:grant-type:jwt-bearer grant type:

import { authenticate } from '@commercelayer/js-auth'

const auth = await authenticate('urn:ietf:params:oauth:grant-type:jwt-bearer', {
  clientId: 'your-client-id',
  clientSecret: 'your-client-secret',
  scope: 'market:code:europe',
  assertion
})

console.log('My access token: ', auth.accessToken)
console.log('Expiration date: ', auth.expires)

Revoke an access token

We added the revoke method.

Any previously generated access tokens (refresh tokens included) can be revoked before their natural expiration date.

import { revoke } from '@commercelayer/js-auth'

await revoke({
  clientId: 'your-client-id',
  clientSecret: 'your-client-secret',
  token: 'a-generated-access-token'
})