passport-verify
passport-verify
is a Node.js and Passport.js client for the Verify Service Provider (VSP).
Before you start
Usage
passport-verify
Step 1. Install npm install --save passport-verify
passport-verify
strategy
Step 2. Configure the Use the createIdentityStrategy
method to create a strategy when configuring passport.js. For more information about the method, see the API documentation for createIdentityStrategy
.
The code block shows an example of how to configure the passport-verify
strategy.
const passportVerify = const bodyParser = // Real applications should have a real backend for storing users.const fakeUserDatabase = {} // Passport-Verify dependes on any bodyParser// to be configured as a middleware.app passport
If your service uses Matching Service Adapter, you should use the createStrategy
method to create a strategy when configuring passport.js. See the API documentation for the createStrategy method for more details.
Step 3. Configure routes for the authentication flow
Use the createIdentityResponseHandler
method to configure the routes for the authentication flow.
See the API documentation for more details about the createIdentityResponseHandler
method
and its callbacks.
The exact routes depend on how you plan on using the responses from GOV.UK Verify Hub. The example in the code block configures a route to allow a verified user to access the service:
// route for authenticating a userapp // route for handling a callback from verifyapp
If your service uses a Matching Service Adapter, you should use the createResponseHandler
method to configure routes for the authentication flow. See the API documentation for more details about the createResponseHandler
method
and its callbacks.
For a more detailed example with session support, see the example implementation.
Logging
passport-verify
uses the debug package for logging, using passport-verify:log
for infomation and passport-verify:requests
to log api requests sent.
The package enables logging based on the environment variable DEBUG
.
To enable logs, set this variable;
- For just information level logging, use
passport-verify:log
- For request logging, use
passport-verify:requests
- For both, use
passport-verify:*
If you are using this package for your application, note that the DEBUG
variable will be read as a comma seperated list, so you can add or remove passport-verify logs as necessary without changing your own.
API
See the API documentation for more details.
Terminology
- Identity Provider is a service that can authenticate users
- Relying party is a service that needs to authenticate users
- Verify Service Provider is a service that consumes and produces SAML messages that can be used to communicate with GOV.UK Verify
- Passport.js is a Node.js library that provides a generic authentication framework for various authentication providers.
passport-verify
Contribute to If you want to make changes to passport-verify
itself, fork the repository then:
Install the dependencies
npm install
Compile and test the code
npm test
Install dependencies, compile and test the code - run this before commiting
npm run pre-commit
Responsible Disclosure
If you think you have discovered a security issue in this code please email disclosure@digital.cabinet-office.gov.uk with details.
For non-security related bugs and feature requests please raise an issue in the github issue tracker.