Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[SDK-3503] Add *_jwt token endpoint auth methods #376

Merged
merged 13 commits into from
Jul 20, 2022
Merged

[SDK-3503] Add *_jwt token endpoint auth methods #376

merged 13 commits into from
Jul 20, 2022

Conversation

adamjmcgrath
Copy link
Contributor

@adamjmcgrath adamjmcgrath commented Jul 19, 2022
edited
Loading

Description

Adding the private_key_jwt and client_secret_jwt token endpoint authentication methods to the SDK.

Usage

// client_secret_jwt
app.use(
  auth({
    clientID: '...',
    secret: '...',
    issuerBaseURL: '...',
    clientSecret: '...',
    authorizationParams: {
      response_type: 'code',
    },
    clientAuthMethod: 'client_secret_jwt',
  })
);

// private_key_jwt
app.use(
  auth({
    clientID: '...',
    secret: '...',
    issuerBaseURL: '...',
    authorizationParams: {
      response_type: 'code',
    },
    clientAssertionSigningKey: '-----BEGIN RSA PRIVATE KEY-----\nMIIEo...PgCaw\n-----END RSA PRIVATE KEY-----',
  })
);

References

https://openid.net/specs/openid-connect-core-1_0-15.html#ClientAuthentication

Testing

run npm run start:example -- private-key-jwt or npm run start:example -- client-secret-jwt

Checklist

  • I have added documentation for new/changed functionality in this PR or in auth0.com/docs
  • All active GitHub checks for tests, formatting, and security are passing
  • The correct base branch is being used, if not master

@adamjmcgrath adamjmcgrath requested a review from panva July 19, 2022 15:50
@adamjmcgrath adamjmcgrath requested a review from a team as a code owner July 19, 2022 15:50
@lgtm-com
Copy link
Contributor

lgtm-com bot commented Jul 19, 2022

This pull request introduces 2 alerts when merging 946fb88 into b03615c - view on LGTM.com

new alerts:

  • 2 for Missing rate limiting

panva
panva reviewed Jul 19, 2022
View reviewed changes
index.d.ts Outdated Show resolved Hide resolved
lib/config.js Outdated Show resolved Hide resolved
lib/config.js Outdated Show resolved Hide resolved
lib/config.js Show resolved Hide resolved
@adamjmcgrath adamjmcgrath requested a review from panva July 20, 2022 09:17
@lgtm-com
Copy link
Contributor

lgtm-com bot commented Jul 20, 2022

This pull request introduces 2 alerts when merging 959de09 into b03615c - view on LGTM.com

new alerts:

  • 2 for Missing rate limiting

panva
panva reviewed Jul 20, 2022
View reviewed changes
index.d.ts Outdated Show resolved Hide resolved
index.d.ts Outdated Show resolved Hide resolved
@adamjmcgrath adamjmcgrath requested a review from panva July 20, 2022 10:14
@lgtm-com
Copy link
Contributor

lgtm-com bot commented Jul 20, 2022

This pull request introduces 2 alerts when merging b845ae0 into b03615c - view on LGTM.com

new alerts:

  • 2 for Missing rate limiting

@lgtm-com
Copy link
Contributor

lgtm-com bot commented Jul 20, 2022

This pull request introduces 2 alerts when merging c838f8a into b03615c - view on LGTM.com

new alerts:

  • 2 for Missing rate limiting

panva
panva previously approved these changes Jul 20, 2022
View reviewed changes
index.d.ts Outdated Show resolved Hide resolved
@adamjmcgrath @panva
Update index.d.ts
213a177 
Co-authored-by: Filip Skokan <panva.ip@gmail.com>
@lgtm-com
Copy link
Contributor

lgtm-com bot commented Jul 20, 2022

This pull request introduces 2 alerts when merging 213a177 into b03615c - view on LGTM.com

new alerts:

  • 2 for Missing rate limiting

@adamjmcgrath adamjmcgrath merged commit 4d20689 into master Jul 20, 2022
@adamjmcgrath adamjmcgrath deleted the jwt-client-authn branch July 20, 2022 13:27
@adamjmcgrath adamjmcgrath mentioned this pull request Jul 20, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@panva panva panva approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@adamjmcgrath @panva @madaster97