Migrating from renewAuth to checkSession (#68)

* Migrating from renewAuth to checkSession

* removing api from example 05

* fixing pr comments

Author: luisrudge

05-Token-Renewal/.env.example

@@ -1,6 +1,6 @@
 # Auth0 React Token Renewal
 
-This sample demonstrates how to silently renew `access_token`s in a React application with Auth0. The sample uses the create-react-app.
+This sample demonstrates how to renew `access_token`s in a React application with Auth0 using `checkSession`. For more information, read [our reference documentation](https://auth0.com/docs/libraries/auth0js#using-checksession-to-acquire-new-tokens). The sample uses the create-react-app.
 
 ## Getting Started
 
@@ -18,11 +18,9 @@ npm install
 
 If you download the sample from the quickstart page, it will come pre-populated with the **client ID** and **domain** for your application. If you clone the repo directly from Github, rename the `auth0-variables.js.example` file to `auth0-variables.js` and provide the **client ID** and **domain** there. This file is located in `src/Auth/`.
 
-You should also provide the identifier for the API you create in the Auth0 dashboard as your `apiUrl`.
+## Set Up `Allowed Web Origins` in the dashboard
 
-## Set Up the `silent.html` File
-
-If you download the sample from the quickstart page, it will come pre-populated with the **client ID** and **domain** for your application. If you clone the repo directly from Github, edit `silent.html` and add your **client ID** and **domain**.
+In order to make `checkSession` work, you need to add the URL where the authorization request originates from, to the Allowed Web Origins list of your Auth0 client in the Dashboard under your client's Settings.
 
 ## Run the Application
 

05-Token-Renewal/README.md

@@ -6,22 +6,17 @@
     "react-scripts": "1.0.10"
   },
   "dependencies": {
-    "auth0-js": "^8.8.0",
+    "auth0-js": "^8.12.1",
     "bootstrap": "^3.3.7",
-    "connect-static-file": "^1.2.0",
-    "cors": "^2.8.4",
-    "express": "^4.15.3",
-    "npm-run-all": "^4.0.2",
     "react": "^15.6.1",
     "react-bootstrap": "^0.31.2",
     "react-dom": "^15.6.1",
     "react-router": "^4.1.2",
     "react-router-dom": "^4.1.2"
   },
   "scripts": {
-    "start": "npm-run-all --parallel server:start client:start",
+    "start": "npm run client:start",
     "client:start": "react-scripts start",
-    "server:start": "node server.js",
     "build": "react-scripts build",
     "test": "react-scripts test --env=jsdom",
     "eject": "react-scripts eject"

05-Token-Renewal/package.json

@@ -10,7 +10,6 @@ export default class Auth {
     domain: AUTH_CONFIG.domain,
     clientID: AUTH_CONFIG.clientId,
     redirectUri: AUTH_CONFIG.callbackUrl,
-    audience: AUTH_CONFIG.apiUrl,
     responseType: 'token id_token',
     scope: 'openid profile'
   });
@@ -97,17 +96,11 @@ export default class Auth {
   }
 
   renewToken() {
-    this.auth0.renewAuth(
-      {
-        audience: AUTH_CONFIG.apiUrl,
-        redirectUri: AUTH_CONFIG.silentAuthRedirect,
-        usePostMessage: true,
-        postMessageDataType: 'auth0:silent-authentication',
-      },
+    this.auth0.checkSession({},
       (err, result) => {
         if (err) {
           alert(
-            `Could not get a new token using silent authentication (${err.error}).`
+            `Could not get a new token (${err.error}: ${err.error_description}).`
           );
         } else {
           this.setSession(result);

05-Token-Renewal/server.js

@@ -1,7 +1,5 @@
 export const AUTH_CONFIG = {
   domain: '{DOMAIN}',
   clientId: '{CLIENT_ID}',
-  callbackUrl: 'http://localhost:3000/callback',
-  apiUrl: '{API_IDENTIFIER}',
-  silentAuthRedirect: 'http://localhost:3001/silent'
+  callbackUrl: 'http://localhost:3000/callback'
 }

05-Token-Renewal/silent.html

@@ -18,8 +18,7 @@ class Home extends Component {
               {this.getExpiryDate()}
             </p>
             <p>
-              The token has been scheduled for renewal using silent
-              authentication, but you can also renew it manually from the navbar
+              The token has been scheduled for renewal, but you can also renew it manually from the navbar
               if you don't want to wait. This manual renewal button is really
               just for demonstration and you probably won't want such a control
               in your actual application.