Express.js middleware designed for managing a web application's interactions with the Auth0 SDK.
npm install cimpress-express-auth0 --save, or
yarn add cimpress-express-auth0
The config object passed in must have the following sections and fields:
Section: app.auth0 Fields:
- domain: The token issuer w/o https:// or the trailing /
- realm: The realm of the token, used in the challenge headers, full url (w/ https:// and trailing /)
- jwksUrl: The url to retrieve the jwk from, only needed for OAuth v2
Section: app.auth0.application Fields:
- secret: The client secret, not needed for OAuth v2
- clientId: Your own client id
- resourceServer: The audience for the auth token
- excludedRoutes (Optional): Routes that shouldn't be protected by Auth0
You can also pass in a cache object, used for only OAuth v2, with the following two functions:
- get(string kid){ return (The base64 encoded public key) }
- set(string kid, string encodedPublicKey, int TTL) { return; }
We are using semantic-release with AngularJS Git Commit Message conventions. Please ensure that you use that commit message format so that publishing happens as needed. We recommend using commitizen for that.