Client secrest from Auth0 are not base64 encoded #3
Comments
SteveALee
changed the title
|
Is the project still maintained? |
|
I'm wondering that myself! actually the code is small it's easy to have your own copy as I did here https://auth0.com/blog/using-serverless-azure-functions-with-auth0-and-google-apis/?utm_source=twitter&utm_medium=sc&utm_campaign=azure_functions Even better a little refactoring would remove the very small specifics for functions or auth0 making a generic auth check wrapper |
|
Just wrote a wrapper based on yours and "auth0" module. Thanks! 😅 |
|
@facadev neat - do you fancy sharing it? |
|
It's a minimal one: Yet I am a bit frustrated that when using third-party auth0 for authentication, the delay significantly increases. |
|
Yes I'm finding average time of 2 seconds which is not good. Will contact
their support.
Steve Lee
Sent from my mobile device Please excuse typing errors
…On 14 Mar 2017 15:33, "facadev" ***@***.***> wrote:
It's a minimal one:
var auth0 = new AuthenticationClient({
domain: '...',
clientID: '...'
});
function auth(main_func) {
return function(context, req) {
if(req.body)
var access_token = req.body[config.auth_input];
if(!access_token)
return context.done(...);
auth0.getProfile(access_token, (err, user) => {
if(err) return cb(err);
if(user == 'Unauthorized') return context.done(...);
req.user = user;
main_func(context, req);
});
}
Yet I am a bit frustrated that when using third-party auth0 for
authentication, the delay significantly increases.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#3 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAlxqtg4ge2vcLqkcnXjNK01gIT_bCNjks5rlrMwgaJpZM4MGfqr>
.
|
|
Still much luckier than me. Mine goes from 1 sec to 1 min. Things have gone worse since my node_modules grew big. I didn't see any similar issue with Amazon Lambda though. |
|
Ouch! Are you excluding function app warm up time?
Get Outlook for Android
On Tue, Mar 14, 2017 at 3:45 PM +0000, "facadev" <notifications@github.com> wrote:
Still much luckier than me. Mine goes from 1 sec to 1 min. Things have gone worse since my node_modules grew big. I didn't see any similar issue with Amazon Lambda though.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub, or mute the thread.
|
|
Just tested it again and it took 62s to handle the first call in a while (cold start), causing my client to time out. Subsequent calls took around 650ms each. The function I tested simply uses the auth function above. If I reference any other module like Azure Storage service, the warm-up time will be more than 100s. Is that a common case? In my humble opinion, Azure functions can only serve as a worker for periodic tasks that is not time-critical. PS. I use the "relative path" trick to require modules, eg. require('../node_modules/sth'), which saves me a bunch of seconds each time. Without it, it would feel like ages to get response from a not-so-complex call. |
|
Warm up is usually 6 seconds or so. 100 indicates something weird is goining on. Its not clear exactly what is included in your function times. A simple function processing some logic and then before responding is usualy fast. 100s of ms. Dif you make sure your azure and auth0 regions are geographically close to avoid propagation delays? My function calls auth0 3 times and as the headers are not simple that means 6 round trips. Even so 2 seconds is long. I'm wondering if the use of request in a function has a performance hit in its self? Much as I like auth0 I'm wonder if passport might be a better solution if we can t get the speed up. But first I'll discuss with the auth0 engineers to eliminate any thing daft. Of course there are many definitions of critical, from hard real time life or mission critical Downward. However user need timely responses or they move on. So this has to work at a user-friendly speef |
|
With those times I suggest you contact AzureFunctions support. They usually
respond on twitter as well as other channels
Please do let me know what you discover .
Steve Lee
OpenDirective http://opendirective.com
…On 14 March 2017 at 16:21, facadev ***@***.***> wrote:
Just tested it again and it took 62s to handle the first call in a while
(cold start), causing my client to time out. Subsequent calls took around
650ms each. The function I tested simply uses the auth function above. If I
reference any other module like Azure Storage service, the warm-up time
will be more than 100s.
Is that a common case? In my humble opinion, Azure functions can only
serve as a worker for periodic tasks that is not time-critical.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#3 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAlxqq4NRPN6rs70N69h27RSZN3kHfZ5ks5rlr6PgaJpZM4MGfqr>
.
|
|
Yes, my auth0 server is located in the same region. To find where the issue is, here's what I do:
So far everything seems to be fine. I doubt my previous case might be attributed to a failed installation of a native module, which made the app environment a mess (?). Anyway, I will shoot my Function name to the team and see what comment they have. Edit: It ran still very slowly when I tried to invoke it after hours, and I found the most impactful code is simply "require". |
|
BTW, @SteveALee do you mean using passport-auth0? |
|
@facadev After discussion with @christopheranderson, a number of points became clear
Also, I simply meant using plain passport and managing everything myself rather than the @auth0 service. I much rather NOT do that though. The only reason would be the delays are giving users a bad UX. Reasons for using Auth0 are: Auth is very hard to get right, Auth0 is very flexible and using Express middleware in Functions is little bit messy as expected context is missing. |
|
Yeah I also found it just now. It's said to be experimental. I will give it a shot later. Haven't got my hands on App Insights yet. I'm curious to see if there will be any valuable insight from that. :) |
|
I'll report back :) |
The code creating the JWT assume the client secret is base64 encoded.
https://github.com/sandrinodimattia/azure-functions-auth0/blob/master/src/index.js#L22-L24
When you cut and paste from the AUTH0 console that is not the case.
You should let the user decide on what encoding they want
Ditto the domain. The using code should make it a valid URL if required.
I nearly made a PR but decided to discuss first
The text was updated successfully, but these errors were encountered: