Please add example for Auth0 integration

[kristianmandrup]

Trying to figure out how to combine it with passport-auth0 any help greatly appreciated!!

[daffl]

Have you tried integrating it as an oAuth2 strategy as documented in the oAuth 2 API?

[kristianmandrup]

Thanks for commenting on this issue. I think I will just use a similar approach that I used for GraphCool (GraphQL server) with Auth0, using localstorage and setting Bearer JWT token in Passport somehow via passport-jwt and/or passport-auth0

working on various integrations here: easy-graphql-auth

OAuth2 strategy won't work, as Auth0 is itself a wrapper for various OAuth (and other) strategies, ie. a "passport" in itself

[kristianmandrup]

Not sure how/where auth({ storage: localStorage }) fits in with the flow below?
In any case, I think this would work:

const feathers = require('feathers/client');
const rest = require('feathers-rest/client');
const superagent = require('superagent');
const hooks = require('feathers-hooks');
const localStorage = require('localstorage-memory');
const auth = require('feathers-authentication-client');

const client = feathers();

// NOTE: the order is important: auth must be configured _after_ rest/socket
client.configure(hooks())
  .configure(rest('http://localhost:3030').superagent(superagent))
  .configure(auth({ storage: localStorage }));

client.authenticate({
  strategy: 'local',
  email: '[email protected]',
  password: 'admin'
})
.then(response => {
  console.log('Authenticated!', response);
  return client.passport.verifyJWT(response.accessToken);
})
.then(payload => {
  console.log('JWT Payload', payload);
  return client.service('users').get(payload.userId);
})
.then(user => {
  client.set('user', user);
  console.log('User', client.get('user'));
})
.catch(function(error){
  console.error('Error authenticating!', error);
});

We pretty much just have to replace:

client.authenticate({
  strategy: 'local',
  email: '[email protected]',
  password: 'admin'
})
.then(response => {
  console.log('Authenticated!', response);
  return client.passport.verifyJWT(response.accessToken);
})

With something like:

lock
  .subscribeAuthenticated()
  .showLock(displayConfig)
  .onSuccess('signin', (data) => {
    let {
      auth0Token,
      profile
    } = data
    console.log('Authenticated!', data)

    try {
      let payload = await client.passport.verifyJWT(data.auth0Token);
      console.log('JWT Payload', payload);
      let user = await client.service('users').get(payload.userId);
      client.set('user', user);
      console.log('User', client.get('user'));
    } catch (err) {
      console.error('Error authenticating!', error);
    }
  })

[ekryski]

I haven't used Auth0 in a while. At a quick glance that looks like it would work but I don't think this totally correct.

You also need to have your own hooks to protect endpoints using the Auth0 JWT. I'm sure it's doable but you'll need to dive into the Auth0 docs to see if they have a way of verifying their JWT on your server. I suspect it's a remote API call because you'd need to know the secret they are signing the tokens with.

Another option (probably the easiest) is to use the Auth0 OAuth2 strategy and you'll get back a Feathers JWT just like with any other OAuth provider.

@kristianmandrup did you get it solved. If so, maybe you could write up a guide? 😁

[daffl]

The Auth0 oAuth2 strategy has been added to the generated application has been added via feathersjs-ecosystem/generator-feathers#254 so all that should be necessary now is to put in your client secret and id.

[kristianmandrup]

Awesome thanks! If anyone is interested, here is my attempt at writing various utils for integrating JWT/Auth0 for various use cases... (originally designed for use with GraphQL services such as GraphCool)

https://github.com/tecla5/easy-graphql-auth

Feathers App https://github.com/tecla5/easy-graphql-auth/tree/master/packages/feathers-app

Use https://github.com/tecla5/easy-graphql-auth/tree/master/packages/easy-auth0-lock

To display/manage Auth0 lock login dialog

Extend f.ex AjaxAuthConnection: https://github.com/tecla5/easy-graphql-auth/tree/master/packages/http-auth-conn

to integrate Auth0 service with Feathers...

[kristianmandrup]

Would like to have authentication-jwt support localstorage as well as "old school" cookie to store/retrieve the jwt token on the client.

[kristianmandrup]

localstorage support obviously needs to be on the client side

[kristianmandrup]

Started developing a feathers-auth0 client/server demo app using latest feathers-cli (generators) and feathers-client. Feel free to come with suggestions or help make it happen ;)

[poupryc]

Today, there are no more examples on how to integrate auth0 with the latest version of feathersjs. Also, there is no system to record the information returned by auth0 in mongoDB for example.

Could we consider reopening the issue ?

[homerjam]

+1 for reopening

I'm getting an invalid signature error and have been struggling with it for hours. I've used the generator, checked the right signing algorithm is used, client secret is correct.

An example would help sooo much right now 😩