Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Allow custom social connection profile script to be included using a file
See original GitHub issueDescribe the problem you’d like to have solved
Within our deployments of Auth0 tenants, we use the Custom Social Connection Type to integrate our different partners as OIDC Identity Providers into our app solutions. As part of the connections, we utilize the custom Fetch User Profile Scripts to fetch and manipulate member details from the partner and our systems.
We attempt to follow the recommendation to keep the scripts simple only making a single request, building the profile and recording any encountered issues to our error tracker. Even with this simplicity the script can be non-trivial and be ~50 lines of code; given the business criticality of the connections, we have a desire to keep the profile scripts under test to minimize the possible issues in production.
With the auth0-deploy-cli tool in both YAML and directory mode this is not currently possible without manual copying and pasting the script directly into either the .yaml or a .json file directly as the script can only be kept in line.
"scripts": {
"fetchUserProfile": "function(accessToken, ctx, cb) cb(null, profile);\n }"
}
scripts:
fetchUserProfile: |-
function(accessToken, ctx, cb) {
cb(null, profile);
}
Describe the ideal solution
We are requesting that the Fetch User Profile Script can reference a .js file in the configuration files (.yaml and .json) that are injected/uploaded at deployment time. Similar to how the Auth0 objects like rules, actions or custom DB scripts work right now. This would allow us to include the script within our testing harness and remove the need for manually copying and pasting the script from a testable file to the configuration files (which could be error-prone).
- name: Append Backend AT Token Claims
script: ./rules/append_backend_at_claims.js
Additionally, we currently use the Github actions integration to automatically deploy changes to our different environments which include testing, staging and production. Having the Fetch User Profile Script have the ability to include configuration data similar to rules or custom DB scripts is also desirable. As it would allow us to simplify our deployment workflows and configuration files; currently we need to do some text replacement to ensure we are making requests against the right environment’s APIs. For an example see below; we understand that this part of the feature request is likely outside the scope of this repository.
----> tenant.yaml
connections:
- name: pchealth-staging-ca
strategy: oauth2
options:
scripts:
fetchUserProfile: ./profile-scripts/embedded_mvp_script.js
scriptConfigs:
- key: "api_domain"
value: @@TENANT_DOMAIN@@
----> profileScript.js
async function embeddedMVPProfileScript(accessToken, context, callback) {
const axios = require("axios");
const domain = configuration.api_domain;
let ProfileResponse;
try {
leagueProfileResponse = await axios.get(
`https://rest.${domain}/userinfo`,
);
} catch (e) {}
Alternatives and current work-arounds
Currently to deal with this issue manually keeping the script in a file connected to our test harness and once the scripts are created or adjusted manually copying and pasting the script into the .yaml config file inline. Replace placeholder values with environment configuration values using the AUTH0_KEYWORD_REPLACE_MAPPINGS (@@ and ##) tokens to ensure the same template file can be deployed to each of our environments.
We have investigated automating this process through Babel and additional plugins but have decided against investing in doing this due to the complexity and level of effort.
Additional Context
Our testing harness is Jest with custom environment initialization to reflect the Auth0 execution environment. Functions are kept alongside unit tests that execute as part of the CI process. In order to have the rules and objects be testable and uploadable to the Auth0 environment, we run a pre-deployment custom Babel plugin to perform manipulations to adjust the import calls and strip the module.exports plus comments from the referenced functions.
Issue Analytics
- State:
- Created a year ago
- Comments:5 (2 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Thanks for the offer of help @willvedd it is very appreciated! I managed to get to a point I am happy with! I have a reusable action workflow as an added step I was able to inject the script with a few constraints/workarounds.
The caveat is you can’t use the @@ keys in your
tenant.yamlfile; which is workable by using “##key##” where needed. Avoiding ## also lets us run a YAML validator which is a nice bonus.Thanks for the nicely articulated request. Frankly, it’s a perfectly reasonable ask and not the first time this has been requested. At the moment, I’m not sure what the level of effort would be to implement. Main concerns here being backwards compatibility and implementing in a way that’s generalized for any code-property, not just the connections scripts.
Despite the idea being good, realistically speaking, we’ve got our Q2 roadmap for this tool set and can’t commit to this feature request at this time.
However, I don’t think you need to copy-paste these scripts into your configuration. If paired with another tool like
yqorjq, should be doable to mutate the configuration files. As a proof of concept I was able to automate with the below script:Admittedly, this additional step is not ideal and don’t officially endorsed, but at least it’s another option for you to explore.