apisuite-be master

APISuite backend core API

exchangeCode(code, ssoClient, discoveryData, redirectURL)

Exchanges the authorization code for the access/ID tokens.

Parameters

Name Type Description
code string
ssoClient object
discoveryData object
  • Object with the data returned from OIDC discovery endpoint
redirectURL string

Returns

Promise.<object|null>

  • Returns an object with the set of tokens obtained in code exchange

tokenVerifier(token, clientID, discoveryData)

Verifies the validity of an ID token.

Parameters

Name Type Description
token string
  • ID token
clientID string
discoveryData object
  • Object with the data returned from OIDC discovery endpoint

Returns

Promise.<object|null>

  • If valid, returns the token payload

cleanInternalConfig(settings)

Parameters

Name Type Description
settings object
settings.provider string
settings.configuration object

Returns

Void

accessControl(action, possession, resource, options)

Parameters

Name Type Description
action String
  • Access control action (create, read, update, delete)
possession String
  • Access control possession (any, own)
resource String
  • Access control resource name
options Object
options.idCarrier String
  • Express request field that carries the resource ID (params, body, etc)
options.idField String
  • Field name that corresponds to the resource ID in the idCarrier (ex.: /:userId)
options.adminOverride Boolean
  • If true, 'admin' role gets access to the resource, independently of grants. Default false

Returns

Void

checkOwnPossessionAndIdField(possession, idCarrier, idField)

Checks if configured access control possession is OWN and if id field is present in the configured carrier.

Parameters

Name Type Description
possession String
idCarrier String
idField String

Returns

Boolean

Organization.getWithAppCount(page, pageSize)

Parameters

Name Type Description
page number
pageSize number

Returns

object

UserOrganization.getUserOrgsWithUsersCount(userID, transaction)

Returns a list of organizations belonging to a user, along with the count of admins/organizationOwners in those organizations

Parameters

Name Type Description
userID number
transaction object

Returns

array

validatePassword(password)

Password validation.

Parameters

Name Type Description
password string

Returns

Void

module.exports(schema, payloadPath, extraValidation)

Returns a validator middleware for the provided schema.

Parameters

Name Type Description
schema object
  • Joi validation schema (or any object with a similar 'validate' function).
payloadPath string
  • Path to the payload to be validated, within Express's req object. Defaults to 'body'. Dot separated names are accepted. Accepts paths to nested properties, such as 'formdata.fields', which will trigger validation in 'req.formdata.fields'. If the req object does not contain the specified path, the request will be considered invalid and 400 will be sent.
extraValidation function
  • Additional validation to be executed after the basic schema validation. This function will be passed the selected payload and should return an object containing an 'errors' property.

Returns

Void
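
A minimal sketch of a middleware that follows the contract described above, added here as an example and not taken from the apisuite-be source. The names validator, resolvePath, run and emailSchema are hypothetical, and it assumes that 'errors' is an array and that validate() returns an object with an optional 'error', as Joi does.

```javascript
// Added illustration of the documented contract; not apisuite-be source code.

// Resolve a dot-separated path such as 'formdata.fields' against req.
// Only own properties are followed, so a segment like '__proto__' or
// 'constructor' never resolves through the prototype chain.
function resolvePath (obj, path) {
  return path.split('.').reduce((cur, key) => {
    if (cur === undefined || cur === null) return undefined
    return Object.prototype.hasOwnProperty.call(cur, key) ? cur[key] : undefined
  }, obj)
}

function validator (schema, payloadPath = 'body', extraValidation) {
  return (req, res, next) => {
    const payload = resolvePath(req, payloadPath)
    if (payload === undefined) {
      // Documented behaviour: a missing path makes the request invalid (400).
      return res.status(400).send({ errors: [`missing req.${payloadPath}`] })
    }
    const { error } = schema.validate(payload)
    if (error) return res.status(400).send({ errors: [error.message] })
    if (typeof extraValidation === 'function') {
      // Assumption: 'errors' is an array; empty means the payload passed.
      const { errors } = extraValidation(payload) || {}
      if (Array.isArray(errors) && errors.length > 0) {
        return res.status(400).send({ errors })
      }
    }
    return next()
  }
}

// Constructed harness: runs a middleware against a fake req/res pair.
function run (middleware, req) {
  const out = { status: null, body: null, nextCalled: false }
  const res = {
    status (code) { out.status = code; return res },
    send (body) { out.body = body; return res }
  }
  middleware(req, res, () => { out.nextCalled = true })
  return out
}

// Constructed stand-in for a Joi schema: any object with validate().
const emailSchema = {
  validate: (p) => (p && typeof p.email === 'string' && p.email.includes('@'))
    ? { value: p }
    : { error: new Error('"email" must be a valid email') }
}
```
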

sendRegisterConfirmation(message, options)

Sends a registration confirmation email

Parameters

Name Type Description
message Object
  • Object with the message options
message.email String
  • Destination email address
message.token String
  • Registration token
options Object
  • Options object
options.logo String
  • Organization logo URL

Returns

Void

sendRecoverPassword(message, options)

Sends a password recovery email

Parameters

Name Type Description
message Object
  • Object with the message options
message.email String
  • Destination email address
message.token String
  • Password recovery token
options Object
  • Options object
options.logo String
  • Organization logo URL

Returns

Void

sendInviteToOrg(message, options)

Sends an invitation to be added to the organization

Parameters

Name Type Description
message Object
  • Object with the message options
message.email String
  • Destination email address
message.token String
  • Invitation token
options Object
  • Options object
options.logo String
  • Organization logo URL

Returns

Void

sendInviteNewUserToOrg(message, options)

Sends an invitation to add a new user to the organization

Parameters

Name Type Description
message Object
  • Object with the message options
message.email String
  • Destination email address
message.token String
  • Invitation token
options Object
  • Options object
options.logo String
  • Organization logo URL

Returns

Void

send(message)

Send the email

Parameters

Name Type Description
message Object
  • Object with the message options
message.from String
  • The sender email address
message.to String
  • The email of the receiver
message.subject String
  • The subject line
message.text String
  • The plain text email body
message.html String
  • The html email body

Returns

Void

_filterPublicAPIs(service)

Filter the service by tags with public value.

Parameters

Name Type Description
service Object
  • Kong service list.

Returns

Array.<Object>

  • The filtered list of public APIs.

getUserProfileURL(userID)

Parameters

Name Type Description
userID string

Returns

string

signAccessToken(userID, data)

Generates a signed access token

Parameters

Name Type Description
userID string | number
  • User ID to use as token subject
data object
  • Extra claims to include in the token (defaults to empty object)

Returns

string

  • Signed JWT

generateRefreshToken()

Generates a refresh token composed of a randomly generated string

Returns

Promise.<RefreshToken>

validateAccessToken(token)

Validates and decodes an access token

Parameters

Name Type Description
token string
  • Access token to verify

Returns

VerifiedToken

generateTokenSet(userID)

Generates set of access/refresh tokens for a user.

Parameters

Name Type Description
userID string | number
  • User ID to use as token subject

Returns

Promise.<Tokens>

publishEvent(routingKey, event)

Asynchronously publishes an APISuite event in the Message Broker.

Parameters

Name Type Description
routingKey String
event object

Returns

Void

keys()

These are the routing keys for the message broker. As a rule, they must contain at least 3 parts: [component].[domain].[action]. In the context of this API:

  • the component part will almost always be 'api'
  • domain corresponds to a certain domain model or service in which some action took place
  • action is the actual event, such as 'created', 'deleted', and so on

Returns

Void

checkIfOpenAPI(swagger)

Checks if the swagger object is an OpenAPI 3.0 file

Parameters

Name Type Description
swagger Object
  • The swagger object

Returns

Boolean

  • True if it is

validateSwagger(swagger)

Validate the swagger object

Parameters

Name Type Description
swagger Object
  • The swagger object

Returns

Promise.<Object>

  • The swagger with the errors found

getRegexRoutes(apiSpec)

Parameters

Name Type Description
apiSpec Object
  • Parsed OpenAPI contract object

Returns

Array.<string>

  • array of API routes regex (['^/pets$', '^/pets/.*$'])
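
One way to derive route patterns of the documented form from an OpenAPI contract, added here as an example and not taken from the apisuite-be source. The names toRegexRoutes, paramPattern, matchesAny and sampleSpec are hypothetical; the default '.*' reproduces the output shown above and also matches deeper paths such as /pets/1/owners, while the optional '[^/]+' (an assumption, not a project setting) limits each parameter to one path segment.

```javascript
// Added illustration; not apisuite-be source code.

// Escape regex metacharacters in the literal parts of a path template.
function escapeRegex (text) {
  return text.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')
}

// Turn the keys of apiSpec.paths into anchored regex strings.
// paramPattern replaces each {param}; '.*' reproduces the documented form.
function toRegexRoutes (apiSpec, paramPattern = '.*') {
  return Object.keys(apiSpec.paths || {}).map((path) => {
    const pattern = path
      .split(/\{[^/{}]+\}/) // cut out {param} placeholders
      .map(escapeRegex) // literal text must not act as regex syntax
      .join(paramPattern)
    return `^${pattern}$`
  })
}

// True if requestPath matches any of the generated route patterns.
function matchesAny (routes, requestPath) {
  return routes.some((r) => new RegExp(r).test(requestPath))
}

// Constructed sample contract.
const sampleSpec = {
  openapi: '3.0.0',
  paths: { '/pets': {}, '/pets/{petId}': {}, '/v1.0/status': {} }
}
```
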