Skip to content

Instantly share code, notes, and snippets.

View chrisscott's full-sized avatar

Chris Scott chrisscott

View GitHub Profile
@chrisscott
chrisscott / login.js
Last active February 24, 2021 20:05
Auth0 Custom Database Script for ADFS
View login.js
async function login(email, password, callback) {
const jwt = require('jsonwebtoken');
const axios = require('axios');
const transformRequest = (jsonData = {}) => Object.entries(jsonData).map(x => `${encodeURIComponent(x[0])}=${encodeURIComponent(x[1])}`).join('&');
const adfs_domain = '[YOUR ADFS DOMAIN]';
const client_id = '[YOUR ADFS APP CLIENT ID]';
const client_secret = '[YOUR ADFS CLIENT SECRET]';
const url = `https://${adfs_domain}/adfs/oauth2/token`;
const input = {
client_id,
@chrisscott
chrisscott / login.html
Last active October 12, 2020 15:46
Auth0 New Universal Login - Redirect on Device Flow Confirmation
View login.html
<!DOCTYPE html>{% if prompt.screen.name == "device-code-activation-allowed" %}<html><head><meta http-equiv="refresh" content="0;url=http://example.com" /></head><body></body></html>{% else %}<html><head>{%- auth0:head -%}<title>{{ prompt.screen.texts.pageTitle }}</title></head><body class="_widget-auto-layout">{%- auth0:widget -%}</body></html>{% endif %}
@chrisscott
chrisscott / addUuidToNewUsers.js
Last active August 20, 2020 18:17
Auth0 Rule to Add App Metadata (UUID) to a New User
View addUuidToNewUsers.js
async function addUuidToNewUsers (user, context, callback) {
const { v4: uuidv4 } = require('uuid');
user.app_metadata = user.app_metadata || {};
// check to see if the user has a uuid in app metadata
if (user.app_metadata.uuid) {
return callback(null, user, context);
}
// generate uuid and store in user's app metadata
@chrisscott
chrisscott / login.html
Last active July 28, 2020 17:05
Auth0 Universal Login - Lock and Passwordless via loginHint
View login.html
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>Sign In with Auth0</title>
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=0" />
</head>
<body>
@chrisscott
chrisscott / stepUpMFA.js
Created May 6, 2020 19:18
Auth0 Force MFA Based on Scope
View stepUpMFA.js
function stepUpMFA(user, context, callback) {
// Check if has done MFA in the last 10 minutes
const completedMfa =
context.authentication &&
!!context.authentication.methods.find(method => {
if (method.name === 'mfa') {
// Require MFA every 10 minutes
const requireMFAAt = method.timestamp + 600 * 1000;
return requireMFAAt > Date.now();
@chrisscott
chrisscott / Dockerfile
Created October 28, 2019 18:56
Auth0 OpenResty OIDC Reverse Proxy
View Dockerfile
FROM openresty/openresty:alpine-fat
RUN mkdir /var/log/nginx
RUN apk add --no-cache openssl-dev
RUN apk add --no-cache git
RUN apk add --no-cache gcc
RUN luarocks install lua-resty-openidc
RUN luarocks install lua-resty-session
ENTRYPOINT ["/usr/local/openresty/nginx/sbin/nginx", "-g", "daemon off;"]
@chrisscott
chrisscott / rule-add-claim-from-api-to-token.js
Created April 4, 2019 17:15
Auth0 - add a claim retrieved from an API to an access token
View rule-add-claim-from-api-to-token.js
function (user, context, callback) {
// Roles should only be set on verified users.
if (!user.email || !user.email_verified) {
return callback(null, user, context);
}
request.get('https://API_URL', {
qs: {
email: user.email,
@chrisscott
chrisscott / auth0-rule-audience-specific-action.js
Created March 21, 2019 18:55
Auth0 Rule - take an action for a specific `audience` in the request
View auth0-rule-audience-specific-action.js
function (user, context, callback) {
const audience = context.request.query.audience || false;
if ( !audience || '<API_AUDIENCE>' !== audience) {
callback(null, user, context);
}
// Do something with an authentication request that matches <API_AUDIENCE>
// ...
callback(null, user, context);
}
@chrisscott
chrisscott / rule-add-claim-to-token.js
Last active April 4, 2019 17:05
Auth0 Rule - Add claim to a token
View rule-add-claim-to-token.js
function (user, context, callback) {
// Roles should only be set to verified users.
if (!user.email || !user.email_verified) {
return callback(null, user, context);
}
if (user.app_metadata.drupal_role) {
context.idToken['https://example.com/drupal_role'] = user.app_metadata.drupal_role;
}
@chrisscott
chrisscott / hack.sh
Created April 4, 2012 15:54 — forked from kaimallea/hack.sh
OSX For Hackers
View hack.sh
#!/usr/bin/env sh
##
# This is script with usefull tips taken from:
# https://github.com/mathiasbynens/dotfiles/blob/master/.osx
#
# install it:
# curl -sL https://raw.github.com/gist/2108403/hack.sh | sh
#