pjhul / auth0-web-extension Goto Github PK
View Code? Open in Web Editor NEWJS library for authenticating with Auth0 in Web Extensions
Home Page: https://pjhul.com/blog/auth0-web-extension
License: MIT License
JS library for authenticating with Auth0 in Web Extensions
Home Page: https://pjhul.com/blog/auth0-web-extension
License: MIT License
The createAuth0Client
function seems to be shimmed well, and I can actually get a reference to it:
const auth0 = createAuth0Client({
domain: AUTH_DOMAIN,
client_id: AUTH_CLIENTID,
audience: AUTH_AUDIENCE,
redirect_uri: chrome.runtime.getURL("/authSuccess.html"),
// useRefreshTokens: true,
});
console.log({ auth0 });
/**
{
cacheLocation: "memory"
cacheManager: e {cache: {…}, nowProvider: ƒ}
customOptions: {}
defaultScope: "openid profile email"
domainUrl: "https://[...].us.auth0.com"
messenger: e {}
nowProvider: ƒ ()
options: {...}
scope: undefined
tokenIssuer: "https://[...].us.auth0.com/"
transactionManager: e {storage: e, ..., transaction: undefined}
}
**/
But trying to call any of the utility functions throws a TypeError, trying to read a value like l.storage.local
:
const token = await auth0.getTokenSilently();
console.log({ token });
// Uncaught (in promise) TypeError: Cannot read properties of undefined (reading 'local')
All similar methods like getUser()
etc. cause the same issue.
Assumptions
I noticed that getTokenSilently()
returns the same token in many instances. It appears that as long as a service worker is awake the same token will be returned and I assume it just returns the in-memory token instead of doing another handshake for the token. A handshake and new token are only created after the service worker goes to sleep and wakes up again. I am basing this on Paul's blog post (great post, thanks for making it).
"...the nice thing is that on subsequent calls to getTokenSilently, we can pull from the in-memory cache meaning that it consistently takes less than 1ms to get a token."
https://pjhul.com/blog/auth0-web-extension
Our issue
Our issue is that some cases, we need to force a handshake and get a new token instead of using the in-memory cached token.
For us when users sign up without 3rd party auth0 (sign in with google, etc.), we require email verification via users clicking confirm email in their inbox. The user navigates to Gmail to confirm and the auth0-web-extension process is completed before confirming the email. A token is saved with emailVerified
as false
. After the user confirms their email and goes to a website to use the extension functionality the service worker is still awake and has the old token with emailVerified
as false
. The API calls fail because we require it true.
Possible solution
I was thinking we could update getTokenSilently()
with an argument to optionally force a new handshake. I am open to other ideas and interested in contributing to the repository to improve it.
Thanks!
Not able to initialize the client, the import statement itself showing the error
Failed to resolve module specifier "auth0-web-extension". Relative references must start with either "/", "./", or "../".
I am importing like this in background.js
import createAuth0Client from 'auth0-web-extension';
and I have added like this in manifest.json
"background": {
"service_worker": "background.js",
"type": "module"
},
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.