@emmsdan/adonis-v6-auth0
Advanced tools
A boilerplate for creating custom AdonisJS ally drivers
This repo serves as a starting point to create your custom OAuth2 drivers for AdonisJS ally.
The boilerplate is tailored to create one driver per project and publish it as a package on npm.
Following are the steps to get started.
Fork this repo and then clone it on your local machine.
Install all the dependencies using npm or yarn (whatever you prefer).
Open package.json file and update the package name, description and the adonisjs configuration block.
{
"name": "package-name",
"description": "",
"adonisjs": {
"types": "package-name",
"providers": ["package-name"]
}
}
The code for the driver is inside the src directory. Make sure to change the YourDriver directory name to the name of the driver.
The driver implementation is mainly driven by the config, except the user and the userFromToken methods. Both of these methods are specific to the Oauth provider, and hence you have to implement them yourself.
The src/YourDriver/index.ts file has the following exports.
The type defines the properties that exist on the access token returned by your driver. You must read your OAuth provider documentation and list all the properties here.
Do not change the pre-defined token and bearer properties.
export type YourDriverAccessToken = {
token: string
type: 'bearer'
}
Define a union of driver scopes accepted by your OAuth provider. You can check out the official implementations to see how they are defined.
The type defines the configuration options that your driver expects. It must specify the following mentioned properties, along with any additional properties your driver needs to be functional.
export type YourDriverConfig = {
driver: 'YourDriverName'
clientId: string
clientSecret: string
callbackUrl: string
authorizeUrl?: string
accessTokenUrl?: string
userInfoUrl?: string
}
The driver implementation is a standard TypeScript class that extends the base Oauth2Driver class. The base driver class enforces you to define the following instance properties.
authorizeUrl is the URL for the redirect request. The user is redirected to this URL to authorize the request. Check out provider docs to find this URL.accessTokenUrl is used to exchange the authorization code for the access token. Check out provider docs to find this URL.userInfoUrl is used to make a request for getting the user profile informationcodeParamName is the query string parameter for reading the authorization code after redirecting the user back to the callback URL.errorParamName is the query string parameter for finding the error after redirecting the user back to the callback URL.stateCookieName is the cookie name for storing the CSRF token (also known as the state). Make sure the cookie name does not collide with other drivers. A safer option is to prefix your driver name to the oauth_state keyword.stateParamName is the query string parameter name for setting the state during the authorization redirect.scopeParamName is the query string parameter name for sending the scopes during the authorization redirect.scopesSeparator is the character to use for separating multiple parameters.YourDriver references to a more meaningful driver name inside the src/YourDriver/index.ts file.YourDriverProvider inside the providers/index.ts file.Ally.extend method call inside the providers/index.ts file.authorizeUrl class property.accessTokenUrl class property.userInfoUrl class property.codeParamName class property.errorParamName class property.stateCookieName class property.stateParamName class property.scopeParamName class property.scopesSeparator class property.accessDenied class method.user class method.userFromToken class method.standalone.ts file to export the renamed driver file name.You can test the driver by installing it locally inside your AdonisJS application. Following are the steps you need to perform.
Compile the TypeScript code to JavaScript using the npm run build script.
cd into your AdonisJS project and install the package locally using npm i path/to/your/driver/package.
Run node ace configure <package-name>. The configure command needs the package name and not the package path.
Inform typescript about your driver by defining a mapping inside the contracts/ally.ts file.
import { YourDriverConfig, YourDriver } from 'ally-custom-driver/build/standalone'
interface SocialProviders {
yourDriver: {
config: YourDriverConfig
implementation: YourDriver
}
}
Define the config inside the config/ally.ts file.
And now you can use your driver like any other inbuilt driver.
Make sure to finish the following tasks before releasing your package.
name and description properties inside the package.json file.adonisjs.types and adonisjs.providers properties to use the package name inside the package.json file.instructions.md file.adonisjs.env property inside the package.json file to use the correct driver name for environment variables.You can configure the redirect request by implementing the configureRedirectRequest method on the driver class. The method is already pre-defined and commented out.
protected configureRedirectRequest(request: RedirectRequest<YourDriverScopes>) {
request.param('key', 'value')
}
You can configure the access token request by implementing the configureAccessTokenRequest method on the driver class. The method is already pre-defined and commented out.
protected configureAccessTokenRequest(request: ApiRequest) {
// Request body
request.field('key', 'value')
// Query param
request.param('key', 'value')
}
Are you excited about sharing your work with others? Make sure to submit your package to the awesome-adonisjs repo.
FAQs
custom ally driver for adonisjs v6 auth0
The npm package @emmsdan/adonis-v6-auth0 receives a total of 0 weekly downloads. As such, @emmsdan/adonis-v6-auth0 popularity was classified as not popular.
We found that @emmsdan/adonis-v6-auth0 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.