User
The User Aptitude provides the ability to retrieve a JWT for the current user, which can be used to identify an Olive Helps user to a 3rd party service.
API
Example
Permissions

jwt

Provides the ability to generate a JWT for the current user and only valid for the requesting Loop.
1
import { user } from '@oliveai/ldk';
2
3
user.jwt().then((token) => {
4
console.log(`User's JWT token: ${token}`);
5
});
Copied!
An optional config object can be passed in. It is used to determine what optional claims to include in the JWT result.
1
import { user } from '@oliveai/ldk';
2
3
const config = { includeEmail: true };
4
5
user.jwt(config).then((token) => {
6
console.log(`User's JWT token: ${token}`);
7
});
Copied!

jwtWithUserDetails

Provides the ability to generate a JWT for the current user as well as get additional information about the user, such as full name and organization details.
1
import { user } from '@oliveai/ldk';
2
3
// Config object can include any of these parameters.
4
// NOTE: email is included in the encoded JWT, all others are attached
5
// on the returned object.
6
const jwtWithUserDetailsConfig = {
7
includeEmail: true,
8
includeFullName: true,
9
includeOrganizationId: true,
10
includeOrganizationName: true,
11
};
12
13
user.jwtWithUserDetails(jwtWithUserDetailsConfig).then((returnObj) => {
14
console.log(`User's JWT token: ${returnObj.jwt}`);
15
console.log(`User's Full Name: ${returnObj.fullName}`);
16
console.log(`User's Organization ID: ${returnObj.organizationId}`);
17
console.log(`User's Organization Name: ${returnObj.organizationName}`);
18
console.log(`User's Email: ${returnObj.email}`);
19
});
Copied!
Let's say you have a third party API that authenticates the user with a JWT for every request. Throughout the lifetime of our Loop, we'd like to periodically make calls to this API. This will require us to:
  • Retrieve the JWT
  • Refresh the JWT when it expires
  • Send the JWT in our API request
We will be using the buffer library from npm to assist reading the JWT.
1
import { user, network } from '@oliveai/ldk';
2
3
const apiUrl = 'http://127.0.0.1:8080/myTestApi';
4
5
const dashRegExp = new RegExp('-', 'g');
6
const underscoreRegExp = new RegExp('_', 'g');
7
8
let userJwt = null;
9
let jwtRefreshTimer = null;
10
11
function decodeJwt(encodedJwt) {
12
// A JWT is encoded in base-64 with .'s seperating each section
13
// header.payload.signature
14
const jwtParts = encodedJwt.split('.');
15
const encodedHeader = jwtParts[0];
16
const encodedPayload = jwtParts[1];
17
const encodedSignature = jwtParts[2];
18
const header = JSON.parse(atob(encodedHeader));
19
const payload = JSON.parse(atob(encodedPayload));
20
const signature = atob(encodedSignature);
21
const decodedJwt = { header, payload, signature };
22
return decodedJwt;
23
}
24
25
// The expiration time is stored in the payload under the exp field
26
// exp is the number of seconds since the Epoch
27
function getExpiration(jwt) {
28
const decoded = decodeJwt(jwt);
29
return decoded.payload.exp;
30
}
31
32
function clearJwtTimer() {
33
if (jwtRefreshTimer) {
34
clearTimeout(jwtRefreshTimer);
35
jwtRefreshTimer = null;
36
}
37
}
38
39
function updateJwtTimer(jwt) {
40
clearJwtTimer();
41
const expirationTime = getExpiration(jwt);
42
43
// Expiration time on the JWT is in seconds, not ms, so we must convert Date.now()
44
const timeLeft = expirationTime - Date.now() / 1000;
45
46
// Don't forget to convert seconds back to ms
47
jwtRefreshTimer = setTimeout(RefreshJwt, timeLeft * 1000);
48
}
49
50
function setUserJwt(jwt) {
51
userJwt = jwt;
52
return userJwt;
53
}
54
55
function RefreshJwt() {
56
return user.jwt().then(setUserJwt).then(updateJwtTimer);
57
}
58
59
function MyNetworkRequest() {
60
network
61
.httpRequest({
62
url: apiUrl,
63
method: 'GET',
64
headers: { Authorization: [`Bearer ${userJwt}`] },
65
})
66
.then((response) => console.log(response.statusCode))
67
.catch((error) => console.log(`Unable to connect: ${error}`));
68
}
69
70
RefreshJwt().then(MyNetworkRequest);
Copied!
In order to use both the user and network aptitude, we'll need to setup our permissions within our package.json.
1
{
2
...
3
"ldk": {
4
"permissions": {
5
"network": {
6
"urlDomains": [
7
{
8
"value": "127.0.0.1"
9
}
10
]
11
},
12
"user": {},
13
...
14
}
15
},
16
...
17
}
Copied!
To use the User Aptitude, use the following permissions outline in your package.json under the ldk object.
Please see our Permissions page for more information.
1
...
2
"ldk": {
3
"permissions": {
4
"user": {
5
"optionalClaims": [
6
{
7
"value": "string"
8
},
9
...
10
]
11
},
12
...
13
}
14
},
15
...
Copied!

Examples

The claims included in the JWT can be customized within the permissions object as well. Currently, email, fullName, organizationId and organizationName are supported.
1
{
2
"ldk": {
3
"permissions": {
4
"user": {
5
"optionalClaims": [
6
{
7
"value": "email"
8
},
9
{
10
"value": "fullName"
11
},
12
{
13
"value": "organizationId"
14
},
15
{
16
"value": "organizationName"
17
}
18
]
19
}
20
}
21
}
22
}
Copied!
Last modified 18d ago
Copy link