
@adobe/aio-app-actions-auth
Openwhisk Package for setting up actions used in authentication flow.
The goal is to create an authentication flow that is composed from a sequence of actions:
login -> encrypt -> persist (SET) -> register_my_webhook (not implemented here) -> redirect
- login - uses actions-auth-passport action.
- encrypt - uses ./action/encrypt.js to enable sequencing to the persist action (TBD: Will be renamed to format).
- persist - uses auth-cache-dynamodb.
- redirect - uses redirect.js from actions-auth-passport action. This action redirects the end user to a confirmation page after a successful login. The redirect URL can be controlled by providing a default redirect_url to the login action, and it can be overridden for special cases through the success_redirect parameter of the login action.
The user experience starts with the login action, which takes the end user through the authentication UI of the corresponding provider. Once the login is successful, the sequence executes all the actions, and at the end the last action should redirect the user to a home page.
For a quick setup use:
$ npm run deploy
This command sets up 2 packages in a user's namespace (system in the example below):
$ wsk package get oauth --summary
package /system/oauth
action /system/oauth/login
$ wsk package get cache --summary
package /system/cache
action /system/cache/encrypt
action /system/cache/persist
- oauth package contains the login action with no default parameters;
- cache package contains the encrypt and persist actions
NOTE: These packages could be publicly available from a system package, so that other namespaces can reference/bind to them. This offers the flexibility to maintain the supporting actions in a single place, vs having them copied and installed in each namespace.
$ CLIENT_ID=AAA CLIENT_SECRET=BBB SCOPES=openid,AdobeID make adobe-oauth
This command uses /system/oauth/login to create a package binding, configuring the credentials via default parameters. Then it creates the final action as a sequence (login -> encrypt -> persist). To make for a nicer URI, the sequence action is placed in its own package so that it's presented to the end users as: /api/v1/web/guest/adobe/authenticate.
Use the same persist action used during authentication to retrieve the information. Because the information is encrypted with the Openwhisk Namespace API-KEY, it can only be decrypted by actions within the same namespace. The API-KEY belonging to the namespace is injected by Openwhisk as an environment variable at invocation time.
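The namespace-bound encryption described above, sketched as an added example that is not this package's own encrypt.js: it assumes AES-256-GCM with an scrypt-derived key, and the names encryptProfile, decryptProfile and the sample keys are hypothetical. OpenWhisk exposes the namespace API key to a running action as the __OW_API_KEY environment variable.

```javascript
const crypto = require('crypto');

// Derive a 256-bit key from the namespace API key (assumed KDF: scrypt).
function deriveKey(apiKey, salt) {
  return crypto.scryptSync(apiKey, salt, 32);
}

// Encrypt a profile object; returns a dot-separated base64 string for the cache.
function encryptProfile(profile, apiKey = process.env.__OW_API_KEY) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', deriveKey(apiKey, salt), iv);
  const body = Buffer.concat([cipher.update(JSON.stringify(profile), 'utf8'), cipher.final()]);
  return [salt, iv, cipher.getAuthTag(), body].map((b) => b.toString('base64')).join('.');
}

// Decrypt; returns the profile, or null when the key differs (another
// namespace) or the stored value was modified.
function decryptProfile(token, apiKey = process.env.__OW_API_KEY) {
  const parts = String(token).split('.');
  if (parts.length !== 4) return null;
  const [salt, iv, tag, body] = parts.map((p) => Buffer.from(p, 'base64'));
  if (iv.length !== 12 || tag.length !== 16) return null;
  try {
    const decipher = crypto.createDecipheriv('aes-256-gcm', deriveKey(apiKey, salt), iv);
    decipher.setAuthTag(tag);
    const plain = Buffer.concat([decipher.update(body), decipher.final()]);
    return JSON.parse(plain.toString('utf8'));
  } catch (err) {
    return null; // GCM authentication failed: wrong key or tampered data
  }
}

// Constructed sample keys standing in for two namespaces' API keys.
const sampleToken = encryptProfile({ provider: 'adobe', id: 'user-1' }, 'ns-a-uuid:ns-a-secret');
console.log('same namespace :', decryptProfile(sampleToken, 'ns-a-uuid:ns-a-secret'));
console.log('other namespace:', decryptProfile(sampleToken, 'ns-b-uuid:ns-b-secret'));
```

Because the key is derived from the API key alone, rotating the namespace API key makes previously persisted values undecryptable under this scheme.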
persist (GET) -> decrypt
persist is the same action used during Authentication.
Contributions are welcomed! Read the Contributing Guide for more information.
This project is licensed under the Apache V2 License. See LICENSE for more information.
FAQs
Deploys the auth actions.
We found that @adobe/aio-app-actions-auth demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 58 open source maintainers collaborating on the project.