Node.JS Code Sample
Node.js NLS Authentication and API Interaction
This guide provides a sample Node.js script to interact with NLS (Nortridge Loan Software), including obtaining an access token, refreshing the token, revoking tokens, and fetching version information from the API.
Prerequisites
- Node.js installed on your machine
axios
andquerystring
libraries installed- NLS API/Auth server running and accessible
Install the required libraries using npm:
npm install axios querystring
Sample Code
const axios = require('axios');
const qs = require('querystring');
// The Version within the Auth and API Base Address needs to match one of the following for ASP/Hosted
// NLS 5.35.X - 25.4
// NLS 5.37.X - 27.1.3
// NLS 5.39.X - 29.1
// https://userguide.nortridge.com/topics/system-requirements.html
const AuthServerBaseAddress = 'https://api.nortridgehosting.com/27.1.3/';
const ApiServerBaseAddress = 'https://auth.nortridgehosting.com/27.1.3/';
const ClientId = 'MyClientId';
const ClientSecret = 'MyClientSecret';
const NlsUsername = 'MyNLSUsername'; // Must Be a DBA User
const NlsPassword = 'MyNLSPassword';
const serverScope = ''; // Set your server value here if needed
const databaseScope = ''; // Set your database value here if needed
const GetAccessTokenEndpoint = '/core/connect/token';
const RevokeTokenEndpoint = '/core/connect/revocation';
const GetVersionEndpoint = '/version';
const requestAccessToken = async (refreshToken, serverScope = '', databaseScope = '') => {
let scope = 'api openid offline_access';
if (serverScope) {
scope += ` server:${serverScope}`;
}
if (databaseScope) {
scope += ` database:${databaseScope}`;
}
const params = refreshToken ? {
grant_type: 'refresh_token',
refresh_token: refreshToken,
client_id: ClientId,
client_secret: ClientSecret
} : {
grant_type: 'password',
scope: scope,
username: NlsUsername,
password: NlsPassword,
client_id: ClientId,
client_secret: ClientSecret
};
const response = await axios.post(AuthServerBaseAddress + GetAccessTokenEndpoint, qs.stringify(params), {
headers: {
'Content-Type': 'application/x-www-form-urlencoded'
}
});
return response.data;
};
const getVersion = async (accessToken) => {
const response = await axios.get(ApiServerBaseAddress + GetVersionEndpoint, {
headers: {
Authorization: `Bearer ${accessToken}`,
'Accept': 'application/json'
}
});
return response.data;
};
const revokeToken = async (token, tokenTypeHint) => {
const params = {
token: token,
token_type_hint: tokenTypeHint
};
const authString = `${ClientId}:${ClientSecret}`;
const base64AuthString = Buffer.from(authString).toString('base64');
const response = await axios.post(AuthServerBaseAddress + RevokeTokenEndpoint, qs.stringify(params), {
headers: {
'Authorization': `Basic ${base64AuthString}`,
'Content-Type': 'application/x-www-form-urlencoded'
}
});
return response.status === 200;
};
const run = async () => {
try {
const tokenResponse = await requestAccessToken(null, serverScope, databaseScope);
console.log('Access Token:', tokenResponse.access_token);
console.log('Refresh Token:', tokenResponse.refresh_token);
const versionResponse = await getVersion(tokenResponse.access_token);
console.log('Get Version Response:', versionResponse);
const refreshTokenResponse = await requestAccessToken(tokenResponse.refresh_token, serverScope, databaseScope);
console.log('Access Token:', refreshTokenResponse.access_token);
console.log('Refresh Token:', refreshTokenResponse.refresh_token);
let tokenRevoked = await revokeToken(tokenResponse.access_token, 'access_token');
if (tokenRevoked) console.log('Access Token Revoked:', tokenResponse.access_token);
tokenRevoked = await revokeToken(tokenResponse.refresh_token, 'refresh_token');
if (tokenRevoked) console.log('Refresh Token Revoked:', tokenResponse.refresh_token);
tokenRevoked = await revokeToken(refreshTokenResponse.access_token, 'access_token');
if (tokenRevoked) console.log('Access Token Revoked:', refreshTokenResponse.access_token);
tokenRevoked = await revokeToken(refreshTokenResponse.refresh_token, 'refresh_token');
if (tokenRevoked) console.log('Refresh Token Revoked:', refreshTokenResponse.refresh_token);
} catch (error) {
console.error('An error occurred:', error);
}
};
run();
Explanation
Configuration
- AuthServerBaseAddress: Base address of the authentication server.
- ApiServerBaseAddress: Base address of the API server.
- ClientId: Client ID for authentication.
- ClientSecret: Client secret for authentication.
- NlsUsername: NLS username.
- NlsPassword: NLS password.
- serverScope: Optional server scope for the token.
- databaseScope: Optional database scope for the token.
Functions
- requestAccessToken: Requests an access token or refreshes an existing token. Constructs the scope dynamically based on provided values.
- getVersion: Fetches version information from the API using the access token.
- revokeToken: Revokes an access or refresh token.
Main Execution
The run
function orchestrates the token request, usage, refresh, and revocation process, logging each step and handling errors.
Usage
- Set your server and database values if needed.
- Run the script using Node.js:
node your_script_name.js
This guide should help you set up a Node.js application to interact with NLS, including obtaining, refreshing, and revoking tokens, as well as making authenticated API calls.
Updated 6 months ago