Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Support Auth0 as OIDC provider #15634

Merged
merged 7 commits into from Aug 7, 2021
Merged

feat: Support Auth0 as OIDC provider #15634

merged 7 commits into from Aug 7, 2021

Conversation

vishal423
Copy link
Contributor

@vishal423 vishal423 commented Jul 12, 2021
edited

Closes #14864

Please make sure the below checklist is followed for Pull Requests.

When you are still working on the PR, consider converting it to Draft (bellow reviewers) and adding skip-ci label, you can still see CI build result at your branch.

@vishal423 vishal423 marked this pull request as ready for review July 17, 2021 19:03
@vishal423 vishal423 requested a review from mraible July 17, 2021 19:03
@mraible
Copy link
Contributor

mraible commented Jul 20, 2021

I'm on vacation until August 2. I'll be happy to review when I return. If you want to merge sooner, I'd suggest adding the Auth0 steps to www.jhipster.tech/security

@vishal423
Copy link
Contributor Author

Sure. I will wait for your review. Meantime, I will also add setup and configuration instructions on the website.

@vishal423 vishal423 mentioned this pull request Jul 23, 2021
Merged
mraible
mraible reviewed Aug 3, 2021
View reviewed changes
generators/client/templates/angular/src/main/webapp/app/login/login.service.ts.ejs
@@ -86,6 +86,9 @@ export class LoginService {
// if Keycloak, uri has protocol/openid-connect/token
if (logoutUrl.includes('/protocol')) {
logoutUrl = logoutUrl + '?redirect_uri=' + redirectUri;
} else if(logoutUrl.includes('auth0.com')) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This logic isn't great because Auth0 users can have custom domains.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree. At the moment, I don't have a better way to identify. Also, I am not very happy with the if-else blocks spreading across frontend, e2e, and backend layers to distinguish between different providers. I will create an improvement issue to handle that in a better way.

mraible
mraible requested changes Aug 3, 2021
View reviewed changes
generators/client/templates/angular/src/main/webapp/app/login/login.service.ts.ejs Outdated Show resolved Hide resolved
generators/client/templates/react/src/main/webapp/app/modules/login/logout.tsx.ejs Outdated Show resolved Hide resolved
generators/common/templates/README.md.jhi.ejs Outdated Show resolved Hide resolved
generators/common/templates/README.md.jhi.ejs Outdated Show resolved Hide resolved
generators/common/templates/README.md.jhi.ejs Outdated Show resolved Hide resolved
...rators/server/templates/src/main/java/package/config/SecurityConfiguration_reactive.java.ejs Outdated Show resolved Hide resolved
generators/server/templates/src/main/java/package/security/oauth2/CustomClaimConverter.java.ejs Outdated Show resolved Hide resolved
generators/server/templates/src/main/java/package/security/oauth2/CustomClaimConverter.java.ejs Outdated Show resolved Hide resolved
generators/server/templates/src/main/java/package/web/rest/LogoutResource.java.ejs Outdated Show resolved Hide resolved
generators/server/templates/src/main/java/package/web/rest/LogoutResource.java.ejs Outdated Show resolved Hide resolved
@vishal423
Apply suggestions from code review
bd3e781 
Co-authored-by: Matt Raible <matt.raible@okta.com>
vishal423
vishal423 commented Aug 3, 2021
View reviewed changes
generators/common/templates/README.md.jhi.ejs

### Auth0

If you'd like to use [Auth0](https://auth0.com/) instead of Keycloak, you can follow the below configuration steps:
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will also prefer to remove the below documentation and instead point to the one documented on https://www.jhipster.tech/security/#oauth2 section

@vishal423 vishal423 merged commit 24cda4e into jhipster:main Aug 7, 2021
@vishal423 vishal423 deleted the auth0-support branch August 7, 2021 17:21
@mraible mraible mentioned this pull request Sep 5, 2021
Closed
@pascalgrimaud pascalgrimaud added this to the 7.2.0 milestone Sep 11, 2021
@vishal423
Copy link
Contributor Author

@pascalgrimaud, Bounty claimed https://opencollective.com/generator-jhipster/expenses/50878

@pascalgrimaud
Copy link
Member

@vishal423 : approved. Great work

@calvinlu3 calvinlu3 mentioned this pull request Mar 22, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Tcharl Tcharl Tcharl left review comments

@mraible mraible mraible approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
7.2.0
Development

Successfully merging this pull request may close these issues.

Add support for Auth0
4 participants
@vishal423 @mraible @pascalgrimaud @Tcharl