
feature/customTokenExchange #1074

Merged
merged 4 commits into from
Jan 28, 2025

Conversation

@tusharpandey13 (Contributor) commented Jan 27, 2025

Changes

Authentication API

  • Added custom token exchange grant method for authenticationClient
  • Added tests for the same

Management API

Path                            HTTP Method   Method Name
/token-exchange-profiles/{id}   DELETE        delete
/token-exchange-profiles/{id}   PATCH         update
/token-exchange-profiles        POST          create
/token-exchange-profiles        GET           getAll
/token-exchange-profiles/{id}   GET           get

  • Added tests for the same

Misc

  • Removed lodash-es from package-lock.json

References

Custom Token Exchange Beta

Test results

Test Suites: 47 passed, 47 total
Tests:       1482 passed, 1482 total
Snapshots:   0 total
Time:        8.113 s
Ran all test suites.

Manual Testing Guide

Prerequisites

  1. Enable the CTE feature in your Auth0 tenant.
  2. Create an application with token_exchange set to custom_authentication.
  3. Deploy a Custom Token Exchange Action and note its Action ID.
  4. Securely store your Client ID, Client Secret, and Management API token.
  5. Install the SDK: npm install auth0

Test Scenarios

  1. Create CTE Profile
    Use the following code to create a profile (replace the placeholders with your tenant values):

    import { ManagementClient } from 'auth0';

    const managementClient = new ManagementClient({
      domain: '<TENANT_DOMAIN>',
      token: '<MANAGEMENT_API_TOKEN>',
    });

    const profile = await managementClient.tokenExchangeProfiles.create({
      action_id: '<ACTION_ID>',
      name: 'Test Profile',
      subject_token_type: 'urn:acme:test-token',
      type: 'custom_authentication',
    });
  2. Token Exchange Request
    Exchange a valid token using:

    import { AuthenticationClient } from 'auth0';

    const authenticationClient = new AuthenticationClient({
      domain: '<TENANT_DOMAIN>',
      clientId: '<CLIENT_ID>',
      clientSecret: '<CLIENT_SECRET>',
    });

    // subject_token_type must match the profile created in step 1
    const response = await authenticationClient.tokenExchange.exchangeToken({
      subject_token_type: 'urn:acme:test-token',
      subject_token: '<VALID_TOKEN>',
      audience: 'https://api.example.com',
      scope: 'openid profile email',
    });
    console.log(response);

Appendix

  1. Invalid Token Handling: Use an expired or invalid subject_token and ensure the Action uses api.access.rejectInvalidSubjectToken to handle errors.

  2. Set Metadata: Update user metadata in the Action by adding api.user.setUserMetadata('locale', 'en-US');

  3. Action Validation
    Add logging in the Action to validate request data: console.log(event.transaction.subject_token);


@tusharpandey13 requested a review from a team as a code owner, January 27, 2025 18:21
@tusharpandey13 changed the title from feature/tokenexchange to feature/customTokenExchange, Jan 28, 2025
@tusharpandey13 merged commit 782fe4b into master, Jan 28, 2025
6 checks passed
@tusharpandey13 deleted the feature/tokenexchange branch, January 28, 2025 10:05
@tusharpandey13 mentioned this pull request, Jan 28, 2025