Guides

Node.JS Code Sample

Suggest Edits

Node.js NLS Authentication and API Interaction

This guide provides a sample Node.js script to interact with NLS (Nortridge Loan Software), including obtaining an access token, refreshing the token, revoking tokens, and fetching version information from the API.

Prerequisites

  • Node.js installed on your machine
  • axios and querystring libraries installed
  • NLS API/Auth server running and accessible

Install the required libraries using npm:

npm install axios querystring

Sample Code

const axios = require('axios');
const qs = require('querystring');

// The Version within the Auth and API Base Address needs to match one of the following for ASP/Hosted
// NLS 5.35.X - 25.4
// NLS 5.37.X - 27.1.3
// NLS 5.39.X - 29.1
// https://userguide.nortridge.com/topics/system-requirements.html

const AuthServerBaseAddress = 'https://api.nortridgehosting.com/27.1.3/';
const ApiServerBaseAddress = 'https://auth.nortridgehosting.com/27.1.3/';
const ClientId = 'MyClientId';
const ClientSecret = 'MyClientSecret';
const NlsUsername = 'MyNLSUsername'; // Must Be a DBA User
const NlsPassword = 'MyNLSPassword';
const serverScope = ''; // Set your server value here if needed
const databaseScope = ''; // Set your database value here if needed
const GetAccessTokenEndpoint = '/core/connect/token';
const RevokeTokenEndpoint = '/core/connect/revocation';
const GetVersionEndpoint = '/version';

const requestAccessToken = async (refreshToken, serverScope = '', databaseScope = '') => {
    let scope = 'api openid offline_access';
    if (serverScope) {
        scope += ` server:${serverScope}`;
    }
    if (databaseScope) {
        scope += ` database:${databaseScope}`;
    }

    const params = refreshToken ? {
        grant_type: 'refresh_token',
        refresh_token: refreshToken,
        client_id: ClientId,
        client_secret: ClientSecret
    } : {
        grant_type: 'password',
        scope: scope,
        username: NlsUsername,
        password: NlsPassword,
        client_id: ClientId,
        client_secret: ClientSecret
    };

    const response = await axios.post(AuthServerBaseAddress + GetAccessTokenEndpoint, qs.stringify(params), {
        headers: {
            'Content-Type': 'application/x-www-form-urlencoded'
        }
    });
    return response.data;
};

const getVersion = async (accessToken) => {
    const response = await axios.get(ApiServerBaseAddress + GetVersionEndpoint, {
        headers: {
            Authorization: `Bearer ${accessToken}`,
            'Accept': 'application/json'
        }
    });
    return response.data;
};

const revokeToken = async (token, tokenTypeHint) => {
    const params = {
        token: token,
        token_type_hint: tokenTypeHint
    };
    const authString = `${ClientId}:${ClientSecret}`;
    const base64AuthString = Buffer.from(authString).toString('base64');

    const response = await axios.post(AuthServerBaseAddress + RevokeTokenEndpoint, qs.stringify(params), {
        headers: {
            'Authorization': `Basic ${base64AuthString}`,
            'Content-Type': 'application/x-www-form-urlencoded'
        }
    });
    return response.status === 200;
};

const run = async () => {
    try {
        const tokenResponse = await requestAccessToken(null, serverScope, databaseScope);
        console.log('Access Token:', tokenResponse.access_token);
        console.log('Refresh Token:', tokenResponse.refresh_token);

        const versionResponse = await getVersion(tokenResponse.access_token);
        console.log('Get Version Response:', versionResponse);

        const refreshTokenResponse = await requestAccessToken(tokenResponse.refresh_token, serverScope, databaseScope);
        console.log('Access Token:', refreshTokenResponse.access_token);
        console.log('Refresh Token:', refreshTokenResponse.refresh_token);

        let tokenRevoked = await revokeToken(tokenResponse.access_token, 'access_token');
        if (tokenRevoked) console.log('Access Token Revoked:', tokenResponse.access_token);

        tokenRevoked = await revokeToken(tokenResponse.refresh_token, 'refresh_token');
        if (tokenRevoked) console.log('Refresh Token Revoked:', tokenResponse.refresh_token);

        tokenRevoked = await revokeToken(refreshTokenResponse.access_token, 'access_token');
        if (tokenRevoked) console.log('Access Token Revoked:', refreshTokenResponse.access_token);

        tokenRevoked = await revokeToken(refreshTokenResponse.refresh_token, 'refresh_token');
        if (tokenRevoked) console.log('Refresh Token Revoked:', refreshTokenResponse.refresh_token);
    } catch (error) {
        console.error('An error occurred:', error);
    }
};

run();

Explanation

Configuration

  • AuthServerBaseAddress: Base address of the authentication server.
  • ApiServerBaseAddress: Base address of the API server.
  • ClientId: Client ID for authentication.
  • ClientSecret: Client secret for authentication.
  • NlsUsername: NLS username.
  • NlsPassword: NLS password.
  • serverScope: Optional server scope for the token.
  • databaseScope: Optional database scope for the token.

Functions

  • requestAccessToken: Requests an access token or refreshes an existing token. Constructs the scope dynamically based on provided values.
  • getVersion: Fetches version information from the API using the access token.
  • revokeToken: Revokes an access or refresh token.

Main Execution

The run function orchestrates the token request, usage, refresh, and revocation process, logging each step and handling errors.


Usage

  1. Set your server and database values if needed.
  2. Run the script using Node.js: 
    node your_script_name.js

This guide should help you set up a Node.js application to interact with NLS, including obtaining, refreshing, and revoking tokens, as well as making authenticated API calls.

Updated 3 months ago