auth0-extension-express-tools
Advanced tools
A set of tools and utilities to simplify the development of Auth0 Extensions with Express.
A set of tools and utilities to simplify the development of Auth0 Extensions with Epxress.
const expressTools = require('auth0-extension-express-tools');
Here's what you need to use it as an entrypoint for your Webtask:
const expressApp = require('./server');
module.exports = expressTools.createServer(function(config, storage) {
return expressApp(config, storage);
});
Then you can create your Express server like this:
module.exports = (config, storage) => {
// 'config' is a method that exposes process.env, Webtask params and secrets
console.log('Starting Express. The Auth0 domain which this is configured for:', config('AUTH0_DOMAIN'));
// 'storage' is a Webtask storage object: https://webtask.io/docs/storage
storage.get(function (error, data) {
console.log('Here is what we currently have in data:', JSON.stringify(data, null, 2));
});
const app = new Express();
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
...
// Finally you just have to return the app here.
return app;
};
Force a user to be set on the request. If no user is present, an UnauthorizedError will be returned.
const middlewares = require('auth0-extension-express-tools').middlewares;
const app = new Express();
...
app.get('/users/:id', middlewares.requireAuthentication, (req, res, next) => {
...
});
Validate an end user token using RS256.
const authenticateUsers = require('auth0-extension-express-tools').authenticateUsers;
const app = new Express();
app.use(authenticateUsers({
domain: 'me.auth0.com',
audience: 'urn:myapp',
credentialsRequired: true, // Default
onLoginSuccess: (req, res, next) => {
req.user.foo = 'bar';
next();
}
});)
You can also optionally set the middleware to only execute when a token is provided where the issuer matches the configured issuer. If not token is provided, or a token is provided with a different issuer, this middleware will not run.
const authenticateUsers = require('auth0-extension-express-tools').authenticateUsers;
const app = new Express();
app.use(authenticateUsers.optional({
domain: 'me.auth0.com',
audience: 'urn:myapp',
onLoginSuccess: (req, res, next) => {
req.user.foo = 'bar';
next();
}
});)
Validate an administrator session token.
const authenticateAdmins = require('auth0-extension-express-tools').authenticateAdmins;
const app = new Express();
app.use(authenticateAdmins({
onLoginSuccess: (req, res, next) => {
req.user.role = 'Admin';
next();
},
credentialsRequired: true,
secret: 'abc',
audience: 'urn:api',
baseUrl: 'http://my-extension'
});
You can also optionally set the middleware to only execute when a token is provided where the issuer matches the configured issuer. If not token is provided, or a token is provided with a different issuer, this middleware will not run.
const authenticateUsers = require('auth0-extension-express-tools').authenticateUsers;
const app = new Express();
app.use(authenticateAdmins.optional({
onLoginSuccess: (req, res, next) => {
req.user.role = 'Admin';
next();
},
credentialsRequired: true,
secret: 'abc',
audience: 'urn:api',
baseUrl: 'http://my-extension'
});
A middleware to inject the Management API Client for Node.js on the current request:
const middlewares = require('auth0-extension-express-tools').middlewares;
const app = new Express();
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
const managementClient = middlewares.managementApiClient({
domain: config('AUTH0_DOMAIN'),
clientId: config('AUTH0_CLIENT_ID'),
clientSecret: config('AUTH0_CLIENT_SECRET')
});
app.get('/users/:id', managementClient, (req, res, next) => {
req.auth0.users.get({ id: req.params.id })
.then(user => res.json({ user }))
.catch(next);
});
A middleware to validate tokens from the Management Dashboard when installing/updating/uninstalling Extensions:
const middlewares = require('auth0-extension-express-tools').middlewares;
const app = new Express();
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
const hookValidator = middlewares.validateHookToken(config('AUTH0_DOMAIN'), config('WT_URL'), config('EXTENSION_SECRET'));
app.use(hookValidator('./extensions/on-uninstall'));
app.delete('./extensions/on-uninstall', function(req, res) {
...
});
const urlHelpers = require('auth0-extension-express-tools').urlHelpers;
// Eg: /api/run/mytenant/abc/
const basePath = urlHelpers.getBasePath(req);
// Eg: http://sandbox.it.auth0.com/api/run/mytenant/abc
const baseUrl = urlHelpers.getBaseUrl(req);
[1.1.9] - Unreleased
FAQs
A set of tools and utilities to simplify the development of Auth0 Extensions with Express.
The npm package auth0-extension-express-tools receives a total of 44 weekly downloads. As such, auth0-extension-express-tools popularity was classified as not popular.
We found that auth0-extension-express-tools demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 37 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
Research
Security News
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.