Lab Node OIDC Auth Code Flow + PKCE Trace
In this hands-on lab learners will practice performing a network trace of the authentication process.
Requirements
- A GitHub account: Our labs use GitHub Codespaces, so you'll need a GitHub account to access them. Create a free account here.
- An Auth0 account: You'll also need an Auth0 account. If you do not already have one, you can create a free one here.
Accessing and Working with Auth0 Labs
- Fork this lab repo to your GitHub account: Click the "Fork" button located in the top right corner of the GitHub page. On the resulting page, under "Owner," select the dropdown menu and choose yourself as the owner for the forked repository. Then click the “Create fork” button. After a moment or two, you'll land on your fork of the repository. This fork now belongs to you, and you can revisit it later at any time.
- Open the lab repo in a Codespace: From the “Code” dropdown menu, toggle to the Codespaces tab. Click the plus sign to create and open the lab in a Codespace. A new tab will open, and Codespaces will begin configuring the lab environment. Wait for the environment to finish building.
- Begin working with the lab: Once the environment is ready you'll see a Codetour popup with instructions for connecting the lab to your Auth0 account. This can take some time, as the environment is installing several plugins to facilitate the lab. Once it is complete, you can open the Codetour to view all steps using the panel in the lower right. Follow the lab instructions (clicking to configure, selecting next, inserting code, etc.) in order to complete the lab.
- If you'd like to save your work to your forked lab repo: You can commit and push your changes to your fork (See: Using Source Control in Your Codespace).
- IMPORTANT: Close the Codespace when you're finished with the lab: Codespaces come with a set amount of free usage. To avoid using all of your free use allocation, be sure to return to the forked repo, select the "Code" dropdown, select the dots next to your open Codespace, and select "Delete." This will not delete your forked repository. You can keep that forever, and open a new Codespace whenever you like.
What is Auth0?
Auth0 helps you to:
- Add authentication with multiple authentication sources, either social like Google, Facebook, Microsoft Account, LinkedIn, GitHub, Twitter, Box, Salesforce, among others, or enterprise identity systems like Windows Azure AD, Google Apps, Active Directory, ADFS or any SAML Identity Provider.
- Add authentication through more traditional username/password databases.
- Add support for linking different user accounts with the same user.
- Support for generating signed JSON Web Tokens to call your APIs and flow the user identity securely.
- Analytics of how, when, and where users are logging in.
- Pull data from other sources and add it to the user profile, through JavaScript rules.
Issue Reporting
If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.
Author
License
This project is licensed under the MIT license. See the LICENSE file for more info.