Skip to content
/ oidc_webtask Public

A Sample webtask project that uses Auth0's OIDC Provider for authentication.

iamnotmyself.com/
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

NotMyself/oidc_webtask

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
docs/images
docs/images
 
 
scripts
scripts
 
 
src
src
 
 
.editorconfig
.editorconfig
 
 
.eslintrc
.eslintrc
 
 
.gitignore
.gitignore
 
 
.nvmrc
.nvmrc
 
 
README.md
README.md
 
 

Repository files navigation

OIDC Webtask

Auth0 Wisdom

A Sample webtask project that uses Auth0's OIDC Provider for authentication.

Live Demo - Give it a try.

Getting Started

Prepping the Environment

  1. Install Node v8.2.1 or Above.
  2. Install Visual Studio Code, the Insiders Edition is highly recommended.
  3. Install the WT-CLI.
    • You will need to initalize the cli, wt init.

Configuring an Auth0 Application & API

  1. Signup for an Auth0 Account.
    • Free Tier works fine.
  2. Create an Application with the following settings.
    • Name: OIDC Demo
    • Type: Single Page Web Application
    • Allowed Callback URLs: https://<YOUR WEBTASK CONTAINER>.sandbox.auth0-extend.com/oidc-client/callback
  3. Create an API with the following settings:
    • Name: OIDC API
    • Identifier: https://<YOUR WEBTASK CONTAINER>.sandbox.auth0-extend.com/oidc-api
  4. Add a Scope to the OIDC API of read:jokes.

Deploying The Webtask

  1. Clone the repository: git clone https://github.com/NotMyself/oidc_webtask.git
  2. Change directory into the cloned repository cd oidc_webtask.
  3. Open the directory in Visual Studio Code: code ..
  4. Copy the .env_example file to a .env file in the src/api directories.
  5. Update the src/api/.env file to include Auth0 Domain.
  6. Copy the .env_example file to a .env file in the src/client directories.
  7. Update the src/client/.env file to include Auth0 Domain and Client ID.
  8. Open the integrated terminal: ctrl ~.
  9. Run the script scripts/publish

The output will look like this:

Deployment

Note: The URL at the end of the output is where your webtask is hosted.

Implementation Notes

The task I was given was to build a secure Webtask, and add an OIDC provider to secure it and do a brief write up on your process and the decisions you made.

@jcenturion and I had previously worked with a prototype webtask compiler that allowed you to write React components directly in the webtask editor and have it served up as a SPA style website. I decided to use this technique to present a frontend that could consume a secured webtask backend API.

The front end uses Materialize, React, React Router, and Auth0.js. I chose Materialize as it is a nice front end css framework that I have not used previously. I also chose to use the React Context API over some thing like Redux to keep things simple as well as to get a sense of what it is like to work with.

The backend api uses Request, Express, Express JWT, Express JWT AUthz and Jwks RSA to create a typical backend API.

Implementation of Authentication was fairly straight forward. I found this post by Abdulazeez Adeshina very helpful in implementing it in React.

Once I had my login implemented, I moved on to creating a secuired API. I found the Auth0 documentation very helpful in doing this.

One sticking point that I ran into was specifying an audience correctly. I attempted to use the UserInfo audience to secure the API. I had to read up on APIs, Audencies and Scope in the docs.

After creating an API specifically for this demo with apporiate scopes it all started working.

About

A Sample webtask project that uses Auth0's OIDC Provider for authentication.

iamnotmyself.com/

Topics

express react-router reactjs webtasks auth0 materializecss open-id-connect auth0-js

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Languages