Security News
The Unpaid Backbone of Open Source: Solo Maintainers Face Increasing Security Demands
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
By Sarah Gooding - Sep 20, 2024
@entur/auth-provider
Advanced tools
@entur/auth-provider
Authentication provider for Entur applications. Primarily aimed at easing transition between legacy keycloak and auth0 in internal and data provider applications.
Install
npm install --save @entur/auth-provider
Usage
import React from 'react'
import { render } from 'react-dom';
import AuthProvider, { useAuth } from '@entur/auth-provider';
// Provide either auth0Config, keycloakConfigUrl or both
const auth0Config = {}; //<-- see auth0 docs for required fields
const auth0ClaimsNamespace = ''; // <-- required for custom roles parsing
const keycloakConfigUrl = ''; // <-- where to find keycloak config
// defaultAuthMethod is optional, kc (keycloak) is default. User can override with query parameter:
// ?authMethod=kc|auth0
const defaultAuthMethod = 'auth0';
// If set to false, app will not automatically redirect to login page
// Note: Only works on auth0 - keycloak will always redirect automatically
const loginAutomatically = false;
const App = () => {
const {
isAuthenticated
} = useAuth();
return (
<h1>
{isAuthenticated ? 'Yay' : 'Oh no ...'}
</h2>
)
}
render(
<AuthProvider
auth0Config={auth0Config}
auth0ClaimsNamespace={auth0ClaimsNamespace}
keycloakConfigUrl={keycloakConfigUrl}
defaultAuthMethod={defaultAuthMethod}
loginAutomatically={loginAutomatically}
>
<App />
<AuthProvider>
);
Release
First build:
npm run build
Then bump version:
npm version [major|minor|patch]
Then publish (use dry-run first to see what's included)
npm publish --dry-run
npm publish
Finally, push tags to GitHub
git push origin --tags
License
EUPL © entur/nrp
FAQs
React components and helpers for authentication
The npm package @entur/auth-provider receives a total of 14 weekly downloads. As such, @entur/auth-provider popularity was classified as not popular.
We found that @entur/auth-provider demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 13 open source maintainers collaborating on the project.
Package last updated on 18 Jun 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Understanding License Exceptions: What Developers Need to Know
License exceptions modify the terms of open source licenses, impacting how software can be used, modified, and distributed. Developers should be aware of the legal implications of these exceptions.
By Sarah Gooding - Sep 20, 2024
Security News
Developer Accuses Tencent of Copyright Violation After Python Utility’s License Changed from GPLv3 to BSD
A developer is accusing Tencent of violating the GPL by modifying a Python utility and changing its license to BSD, highlighting the importance of copyleft compliance.
By Sarah Gooding - Sep 18, 2024