Security News
The Unpaid Backbone of Open Source: Solo Maintainers Face Increasing Security Demands
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
@entur/auth-provider
Advanced tools
Authentication provider for Entur applications. Primarily aimed at easing transition between legacy keycloak and auth0 in internal and data provider applications.
npm install --save @entur/auth-provider
import React from 'react'
import { render } from 'react-dom';
import AuthProvider, { useAuth } from '@entur/auth-provider';
// Provide either auth0Config, keycloakConfigUrl or both
const auth0Config = {}; //<-- see auth0 docs for required fields
const auth0ClaimsNamespace = ''; // <-- required for custom roles parsing
const keycloakConfigUrl = ''; // <-- where to find keycloak config
// defaultAuthMethod is optional, kc (keycloak) is default. User can override with query parameter:
// ?authMethod=kc|auth0
const defaultAuthMethod = 'auth0';
// If set to false, app will not automatically redirect to login page
// Note: Only works on auth0 - keycloak will always redirect automatically
const loginAutomatically = false;
const App = () => {
const {
isAuthenticated
} = useAuth();
return (
<h1>
{isAuthenticated ? 'Yay' : 'Oh no ...'}
</h2>
)
}
render(
<AuthProvider
auth0Config={auth0Config}
auth0ClaimsNamespace={auth0ClaimsNamespace}
keycloakConfigUrl={keycloakConfigUrl}
defaultAuthMethod={defaultAuthMethod}
loginAutomatically={loginAutomatically}
>
<App />
<AuthProvider>
);
First build:
npm run build
Then bump version:
npm version [major|minor|patch]
Then publish (use dry-run first to see what's included)
npm publish --dry-run
npm publish
Finally, push tags to GitHub
git push origin --tags
EUPL © entur/nrp
FAQs
React components and helpers for authentication
The npm package @entur/auth-provider receives a total of 14 weekly downloads. As such, @entur/auth-provider popularity was classified as not popular.
We found that @entur/auth-provider demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 13 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
Security News
License exceptions modify the terms of open source licenses, impacting how software can be used, modified, and distributed. Developers should be aware of the legal implications of these exceptions.
Security News
A developer is accusing Tencent of violating the GPL by modifying a Python utility and changing its license to BSD, highlighting the importance of copyleft compliance.