Skip to content

Instantly share code, notes, and snippets.

Saltuk Alakus saltukalakus

View GitHub Profile
@saltukalakus
saltukalakus / SAML-Login-Logout.md
Last active May 13, 2020
Auth0 SAML Login-Logout matrix
View SAML-Login-Logout.md

Auth0 as IdP

IdP initiated login:

IdP initiated logout:

How is it initiated?

Once initiated, sends the logout request to the callback URL configured at SAML addon callback setting.

@saltukalakus
saltukalakus / rule.js
Last active May 14, 2020
DUO replace username
View rule.js
function (user, context, callback) {
var CLIENTS_WITH_MFA = ['REPLACE_WITH_YOUR_CLIENT_ID'];
// run only for the specified clients
if (CLIENTS_WITH_MFA.indexOf(context.clientID) !== -1) {
// uncomment the following if clause in case you want to request a second factor only from user's that have user_metadata.use_mfa === true
// if (user.user_metadata && user.user_metadata.use_mfa){
context.multifactor = {
//required
@saltukalakus
saltukalakus / AddMetadataBasic.md
Last active May 12, 2020
Signing in from the enterprise and social connections with metadata available starting from the first login (a.k.a signup)
View AddMetadataBasic.md

Requirements:

  • We have an app that the users can log in only with a few selected social and the enterprise connections. These users should have a specific app_metadata and user_metadata starting from the first login.

Setup:

1-) Creaate a regular Auth0 DB connection with signup option turned off. Let's assume it's named as Auth0DBInitialMetadata.

2-) Set a rule which prevents login in with the Auth0 DB connection above. So that this connection isn't used for login directly unintentionally.

@saltukalakus
saltukalakus / Login.js
Created Apr 9, 2020
Azure MySQL Login.js
View Login.js
function login(email, password, callback) {
const mysql = require('mysql@2.18.1');
const bcrypt = require('bcrypt');
const azureCa = "-----BEGIN CERTIFICATE-----\nMIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9aMQswCQYDVQQGEwJJ\n....\nR9I4LtD+gdwyah617jzV/OeELqYzmp\n-----END CERTIFICATE-----\n";
const connection = mysql.createConnection({
host: configuration.DbHost,
user: configuration.DbUser,
password: configuration.DbPassword,
database: configuration.DbName,
@saltukalakus
saltukalakus / MySPApp.json
Created Mar 27, 2020
Deploy CLI multiple callback URL update
View MySPApp.json
{
"allowed_clients": [],
"allowed_logout_urls": [
"https://##ENV##.myapp.com/logout"
],
"allowed_origins": [
"https://##ENV##.myapp.com/"
],
"app_type": "spa",
"callbacks": @@example-app-redirect-uri@@,
@saltukalakus
saltukalakus / GetUser.js
Last active Mar 18, 2020
Custom DB Wordpress Migration Script
View GetUser.js
/* globals require, configuration */
/**
* This script will be executed when the user wishes to change their password to test if the user exists.
* This needs a global configuration option with the following properties:
* {string} endpointUrl - Site URL with an empty "a0_action" parameter appended.
* {string} migrationToken - Migration token found in the plugin settings
* {string} userNamespace - Formatted site name to avoid user ID overlapping.
*
* @param {string} email - User email address, provided on login.
@saltukalakus
saltukalakus / saml_metadata_modified_with_connection.xml
Last active Feb 12, 2020
Saml metadata modified with the connection name where Auth0 is the IdP
View saml_metadata_modified_with_connection.xml
<EntityDescriptor entityID="urn:saltuk-auth0idp.auth0.com" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<KeyDescriptor use="signing">
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<X509Data>
<X509Certificate>MIIC+jCCAeKgAwIBAgIJM/mSNGTlZt68MA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNVBAMTGXNhbHR1ay1hdXRoMGlkcC5hdXRoMC5jb20wHhcNMTYxMDE0MTQ1MjA1WhcNMzAwNjIzMTQ1MjA1WjAkMSIwIAYDVQQDExlzYWx0dWstYXV0aDBpZHAuYXV0aDAuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA063hHO/Re8FcsDvQu6CZJi8pO4BahbemEoyYYtEbUPcXaHE47HCXqEESdQLxTw1PDCKIrjtCD+jqhn/yJusJTiQEr2ytvIhmM9spHL+iSQpw9fOTj5PimfQ+pHWJd23lasPJbzd5vZKlQwAbOod2HNSPOl5iWp6v5fqevidRH75T8imctXFd3f1H0q/Y8kUWYzLAbtk6IIhWcfZKG8XXrvtPa4nvmYXw6vnac/TYjdNsBfEZ1/613fL4HoixdU+jZADUswLeCNy4v1Q8pyCbHAh+P+lMW6HIHqVvu9zGv3vkhP5iyuVeFoVGGywqWurNBNWPZkhNFU2UtQhu37W6rwIDAQABoy8wLTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBQg1RX34/QPs9ay6NRELbAZcQbDDzANBgkqhkiG9w0BAQUFAAOCAQEAr1+qRB0Abky8d
@saltukalakus
saltukalakus / hostedPasswordlessPage.html
Created Dec 5, 2019
Print the phone number on console before submit
View hostedPasswordlessPage.html
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>Sign In with Auth0</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
</head>
<body>
@saltukalakus
saltukalakus / gist:08efe814847f9a049ce4d07140817c78
Created Dec 3, 2019
Encrypt & Decrypt with existing keys
View gist:08efe814847f9a049ce4d07140817c78
const crypto = require("crypto");
let publicKey = `-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsoykgfqb0VqzTIDDShJ7
Pa7sg6hV4kmBBof7LLPyvmMdNB/2zNZ3mfEr0Dw+qNinmyVXQ5b/DjwbjHvYQpn9
foiFFDS6fP8ErGkICEN/68JvI/MSEJsbfDxKM/rQTwXVfD+0wxEIRblzW1LMYraO
NuCPWgg0UZRmis+8Qcr0vZdf61lyfyaTx0C0bwS/wsJO0yFrIWGMsatYZktbbpPG
IOQwqT2VIWfvcKjMcV8OXHNMoVjG6ni3kqXjSPYKaT1qWl4L73/dWKS0IlJJfdYw
0hpzDsmgwnsug9KBtfzbreNenVPbMfCUXone8VQZ/0+Eb8iO7JwaPuFld+0Czcsu
kG6pmBUwaPk9ISlRNWUkyhUP9q4rUmAzAZgcYPNVWQVZwG/u7X2Jbf7jdsYvvCX3
@saltukalakus
saltukalakus / test.js
Created Dec 3, 2019
Encrypt & Decrypt with Node's crypto lib.
View test.js
const crypto = require("crypto");
crypto.generateKeyPair(
"rsa",
{
modulusLength: 4096,
publicKeyEncoding: {
type: "spki",
format: "pem"
},
You can’t perform that action at this time.