How do you configure Amplify using only the auth package? - amazon-cognito

Using just the auth package (not aws-sdk) how can I configure Amplify with my credentials?
const {
  Auth,
  // configure?
} = require('@aws-amplify/auth')

There is a configure method on the Auth class.
Example:
Auth.configure({
  region: import.meta.env.VITE_AWS_REGION,
  userPoolId: import.meta.env.VITE_USER_POOL_ID,
  userPoolWebClientId: import.meta.env.VITE_USER_POOL_CLIENT_ID,
});
Reference: https://github.com/aws-amplify/amplify-js/blob/6882c5e6e8f1bff2206ff0de74cebbcf87efd622/packages/auth/src/Auth.ts#L141

Related

Octokit - how to authenticate as an app (JWT)

So I'm building a github app, and I am wanting to be able to authenticate as the app so I can do graphql calls as that user. So, I can authenticate as the app, and get the JWT, but I can't seem to use the JWT. Code looks like:
const { Octokit } = require("@octokit/core");
const { createAppAuth } = require("@octokit/auth-app");
const fs = require('fs')
const auth = createAppAuth({
  appId: process.env.APP_ID,
  privateKey: fs.readFileSync(__dirname + "/../" + process.env.PRIVATE_KEY_PATH, "utf-8"),
  clientId: process.env.CLIENT_ID,
  clientSecret: process.env.WEBHOOK_SECRET
})
// Send requests as GitHub App
async function main() {
  const { token } = await auth({ type: "app" })
  console.log(token);
  const appOctokit = new Octokit({
    baseUrl: 'https://github.<company>.com/api/v3',
    auth: `token ${token}`
  });
  const { slug } = await appOctokit.request("GET /user");
  console.log("authenticated as %s", slug);
}
main().then().catch(err => {
  console.log(err.message)
  console.log(err.stack)
  console.log("oops")
})
I end up getting an HttpError: Bad Credentials.
What am I missing?
The reason for the bad credentials error though is that you are trying to authenticate as the app for the GET /user request. This is a user-specific request, which requires an OAuth token.
Try sending GET /app instead, it should work.
If you do want to authenticate as a user, then there are two ways to receive an OAuth token through a GitHub App (GitHub calls these user-to-server tokens, because the token is authorized by both the app and the user).
OAuth Web flow
OAuth Device flow
For the Web Flow, see https://github.com/octokit/auth-app.js/#user-authentication-web-flow. You will need a server that can receive the HTTP redirect from GitHub. You can use the @octokit/app SDK, which exports a Node middleware for that and other OAuth-related use cases, as well as webhooks: https://github.com/octokit/app.js/#middlewares
For the OAuth Device Flow, see https://github.com/octokit/auth-app.js/#user-authentication-device-flow.
If you want to authenticate using the OAuth Device Flow without exposing the OAuth Client Secret, you can use the dedicated OAuth Device Flow authentication strategy: https://github.com/octokit/auth-oauth-device.js
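The app-versus-user distinction in the answer above can be seen in the token itself. This is an added example, not code from the original posts or from Octokit: it signs and verifies a GitHub App JWT with Node's built-in crypto, using a throwaway key pair and a made-up app ID (12345). The helper names are hypothetical.

```javascript
const crypto = require('node:crypto');

const b64url = (value) => Buffer.from(value).toString('base64url');

// Build the RS256 JWT a GitHub App presents: iss is the app ID and the
// lifetime stays within GitHub's 10-minute limit.
function signAppJwt(appId, privateKey, now = Math.floor(Date.now() / 1000)) {
  const header = b64url(JSON.stringify({ alg: 'RS256', typ: 'JWT' }));
  const payload = b64url(JSON.stringify({
    iat: now - 60,     // backdated to tolerate clock drift
    exp: now + 9 * 60, // ten minutes after iat
    iss: String(appId),
  }));
  const signature = crypto
    .sign('RSA-SHA256', Buffer.from(`${header}.${payload}`), privateKey)
    .toString('base64url');
  return `${header}.${payload}.${signature}`;
}

// Check the signature, then return the claims (null if verification fails).
function verifyAppJwt(jwt, publicKey) {
  const [header, payload, signature = ''] = jwt.split('.');
  const valid = crypto.verify('RSA-SHA256', Buffer.from(`${header}.${payload}`),
    publicKey, Buffer.from(signature, 'base64url'));
  return valid ? JSON.parse(Buffer.from(payload, 'base64url').toString('utf8')) : null;
}

// The token names an app (iss) and no user, so a user-scoped route has
// nobody to resolve.
function identityOf(claims) {
  return { app: claims.iss, user: claims.sub === undefined ? null : claims.sub };
}

// Constructed sample: throwaway key pair and a made-up app ID.
const demoKeys = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const demoJwt = signAppJwt(12345, demoKeys.privateKey, 1700000000);
// Log the decoded claims when debugging, not the bearer token itself.
console.log(identityOf(verifyAppJwt(demoJwt, demoKeys.publicKey)));
```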

Using ambassador authservice to only require basic auth on some routes/urls (or services)

I want to activate ambassador authservice to only require authentication on certain routes/urls. Now if you install the basic http auth service it requires this auth for all services by default. So how can I configure ambassador or the auth service (separate service with ExAuth) to only require auth on certain routes/urls?
Ambassador version 0.51.2
kubernetes version 1.14
auth service I am using as base: https://github.com/datawire/ambassador-auth-httpbasic
If you see the server.js example in https://github.com/datawire/ambassador-auth-httpbasic you'll see that it's only authenticating for /extauth/qotm/quote*. If you are using the same server.js to start you'll have to add another app.all section with whatever you want to authenticate. For example:
app.all('/extauth/myapp/myurl*', authenticate, function (req, res) {
  var session = req.headers['x-myapp-session']
  if (!session) {
    console.log(`creating x-myapp-session: ${req.id}`)
    session = req.id
    res.set('x-myapp-session', session)
  }
  console.log(`allowing MyApp request, session ${session}`)
  res.send('OK (authenticated)')
})
Or you can implement this server using a different language if you'd like too.
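The per-route decision described above, written as a dependency-free function. This is an added example, not code from ambassador-auth-httpbasic: the prefix list, the credential store, the realm name and the function names are all constructed for illustration. It relies on Ambassador allowing a request when the auth service answers 200 and returning any other response to the client, and it treats a path as protected if either its raw or its normalized form matches, so `..` segments cannot step around a protected prefix.

```javascript
const crypto = require('node:crypto');
const path = require('node:path');

// Constructed policy: prefixes as seen by the auth service, i.e. with the
// /extauth path prefix already prepended.
const PROTECTED_PREFIXES = ['/extauth/myapp/myurl', '/extauth/qotm/quote'];
const USERS = { admin: 'constructed-demo-password' }; // sample credential store

// Compare fixed-length hashes so timing does not depend on where strings differ.
function safeEqual(a, b) {
  const ha = crypto.createHash('sha256').update(a).digest();
  const hb = crypto.createHash('sha256').update(b).digest();
  return crypto.timingSafeEqual(ha, hb);
}

// Fail closed: protected if the raw OR the normalized path matches a prefix.
function needsAuth(url) {
  const raw = url.split('?')[0];
  const normalized = path.posix.normalize(raw);
  return PROTECTED_PREFIXES.some((p) => raw.startsWith(p) || normalized.startsWith(p));
}

// Returns the status and headers the auth service should answer with.
function decide(url, authorization) {
  if (!needsAuth(url)) return { status: 200, headers: {} };
  const match = /^Basic ([A-Za-z0-9+/=]+)$/.exec(authorization || '');
  if (match) {
    const decoded = Buffer.from(match[1], 'base64').toString('utf8');
    const sep = decoded.indexOf(':');
    const user = decoded.slice(0, sep);
    const pass = decoded.slice(sep + 1);
    const known = Object.prototype.hasOwnProperty.call(USERS, user);
    if (sep > 0 && known && safeEqual(pass, USERS[user])) {
      return { status: 200, headers: {} };
    }
  }
  return { status: 401, headers: { 'WWW-Authenticate': 'Basic realm="Ambassador"' } };
}
```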

How to integrate HTTP Digest Auth into Strongloop's Loopback?

I'm relatively new to Strongloop's Loopback.
A project I'm working on requires HTTP-Digest to use as authentication.
I have setup the ACL on the models (and endpoints). SPA client uses REST to consume services.
I'm stuck on how to use http digest auth (username:realm:password) / nonce instead of the plain login of username/password.
I still would like to use the token auth also.
I'm currently looking at the following 3 projects though:
loopback-component-auth
passport-http
loopback-component-passport
Any help would be appreciated! Thank you!
You can use Express Middleware to configure HTTP authentication:
Use this node module: http-auth
Create digest-auth.js boot script in server/boot folder
var auth = require('http-auth');
var basic = auth.basic({
  realm: "<your authentication realm>",
  file: __dirname + "<path to your .htpasswd file>"
});
module.exports = function (app) {
  app.use(auth.connect(basic));
  // Setup route.
  app.get("/", (req, res) => {
    res.send("Secured resource access granted!");
  });
}
You can check the other options available in the "http-auth" module to use "username:realm:password" for authentication.
Hope this helps!
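How the "username:realm:password" value and the nonce from the question combine into the response a digest server checks. This is an added example, not code from the original posts or from http-auth: the function names are hypothetical, and the sample header is the worked example from RFC 2617 section 3.5 (user Mufasa, password "Circle Of Life"). It covers the qop=auth case only.

```javascript
const crypto = require('node:crypto');

const md5 = (s) => crypto.createHash('md5').update(s).digest('hex');

// HA1 is the per-user value a digest password file stores instead of the password.
function ha1(username, realm, password) {
  return md5(`${username}:${realm}:${password}`);
}

// Parse the key="value" / key=value pairs of an Authorization: Digest header.
function parseDigestHeader(header) {
  const params = {};
  const body = header.replace(/^Digest\s+/i, '');
  for (const m of body.matchAll(/(\w+)=(?:"([^"]*)"|([^\s,]+))/g)) {
    params[m[1]] = m[2] !== undefined ? m[2] : m[3];
  }
  return params;
}

// RFC 2617 response for qop=auth: MD5(HA1:nonce:nc:cnonce:qop:MD5(method:uri)).
function expectedResponse(storedHa1, method, p) {
  const ha2 = md5(`${method}:${p.uri}`);
  return md5(`${storedHa1}:${p.nonce}:${p.nc}:${p.cnonce}:${p.qop}:${ha2}`);
}

// Accept only nonces this server issued, then compare in constant time.
function verifyDigest(header, method, lookupHa1, issuedNonces) {
  const p = parseDigestHeader(header);
  const stored = lookupHa1(p.username, p.realm);
  if (!stored || p.qop !== 'auth' || !issuedNonces.has(p.nonce)) return false;
  const expected = Buffer.from(expectedResponse(stored, method, p));
  const given = Buffer.from(String(p.response));
  return expected.length === given.length && crypto.timingSafeEqual(expected, given);
}

// Sample input: the RFC 2617 section 3.5 request.
const SAMPLE_HEADER = 'Digest username="Mufasa", realm="testrealm@host.com", ' +
  'nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", uri="/dir/index.html", qop=auth, ' +
  'nc=00000001, cnonce="0a4f113b", response="6629fae49393a05397450978507c4ef1"';
const SAMPLE_NONCES = new Set(['dcd98b7102dd2f0e8b11d0f600bfb0c093']);
const sampleLookup = (user, realm) =>
  (user === 'Mufasa' ? ha1(user, realm, 'Circle Of Life') : null);
```

A production check also tracks the nc counter per nonce and expires nonces, which this example leaves out.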

Angularfire2 custom authentication

I am creating a website which has a register link with multiple auth providers and a custom token as well. I am also using AngularFire2 to communicate between Angular2 and Firebase, but it seems it doesn't have a method similar to Firebase's, e.g.:
var ref = new Firebase("https://<YOUR-FIREBASE-APP>.firebaseio.com/");
ref.authWithCustomToken(AUTH_TOKEN, function(error, authData) {
  // ...
});
Can anyone show me how to deal with this issue?
To authenticate using a custom token, you can call AngularFire2's login method with the following configuration options:
angularFire.auth.login(AUTH_TOKEN, {
  provider: AuthProviders.Custom,
  method: AuthMethods.CustomToken
});
Internally, this will call Firebase's signInWithCustomToken method.

Multiple auth schemes in hapijs?

I am building an application using hapi.js. The clients of this application are going to be either a web application, so authentication is via JWT in the cookie, or OAuth2 clients which are going to be sending the Bearer key header.
Is there some way that the framework allows using both schemes for the same route? I want the authentication to fail if both schemes fail, but pass if either of them goes through.
Look at http://hapijs.com/api#route-options under auth.strategies. This will allow you to set multiple strategies for your route. You can define the behaviour with auth.mode.
hapi supports multiple authentication strategies for a route. Register the individual plugins for authentication and set the default auth scheme afterwards.
var Hapi = require('hapi')
var BasicAuth = require('hapi-auth-basic')
var CookieAuth = require('hapi-auth-cookie')

// create new server instance
var server = new Hapi.Server()

// register plugins to server instance
server.register([ BasicAuth, CookieAuth ], function (err) {
  if (err) {…}
  server.auth.strategy('simple', 'basic', { validateFunc: basicValidationFn })
  server.auth.strategy('session', 'cookie', { password: '…' })
  server.auth.default('simple')
})
Each authentication scheme may require dedicated configuration (like a cookie password, a validation function, etc.) that you need to provide.