Merge pull request #33 from auth0-samples/token-renewal

Token renewal

Author: chenkie

05-Token-Renewal/.env.example

@@ -0,0 +1,2 @@
+AUTH0_AUDIENCE={API_IDENTIFIER}
+AUTH0_DOMAIN={DOMAIN}

05-Token-Renewal/.gitignore

@@ -0,0 +1,24 @@
+# See https://help.github.com/ignore-files/ for more about ignoring files.
+
+# dependencies
+/node_modules
+
+# testing
+/coverage
+
+# production
+/build
+
+# misc
+.DS_Store
+.env.local
+.env.development.local
+.env.test.local
+.env.production.local
+
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+
+auth0-variables.js
+.env

05-Token-Renewal/README.md

@@ -0,0 +1,71 @@
+# Auth0 React Token Renewal
+
+This sample demonstrates how to silently renew `access_token`s in a React application with Auth0. The sample uses the create-react-app.
+
+## Getting Started
+
+Create a new API in the [APIs section](https://manage.auth0.com/#/apis) and provide an identifier for it.
+
+Clone the repo or download it from the React quickstart page in Auth0's documentation. Install create-react-app and the dependencies for the app.
+
+```bash
+npm install -g create-react-app
+cd 05-Token-Renewal
+npm install
+```
+
+## Set the Client ID, Domain, and API URL
+
+If you download the sample from the quickstart page, it will come pre-populated with the **client ID** and **domain** for your application. If you clone the repo directly from Github, rename the `auth0-variables.js.example` file to `auth0-variables.js` and provide the **client ID** and **domain** there. This file is located in `src/Auth/`.
+
+You should also provide the identifier for the API you create in the Auth0 dashboard as your `apiUrl`.
+
+## Set Up the `silent.html` File
+
+If you download the sample from the quickstart page, it will come pre-populated with the **client ID** and **domain** for your application. If you clone the repo directly from Github, edit `silent.html` and add your **client ID** and **domain**.
+
+## Run the Application
+
+The development server that comes with create-react-app can be used to serve the application.
+
+```bash
+npm start
+```
+
+The application will be served at `http://localhost:3000`.
+
+## Making It Live
+
+To make the silent authentication work on a live environment, you'll need to edit the two `localhost` urls in `silent.html` and the one `localhost` url you have in the `auth0-variables.ts` file.
+
+## Troubleshooting
+If you see an error on renewal saying `login_required`, that means you may be using the Auth0 dev keys for whichever social login you're testing. You'll need to add your own keys for this to work.
+
+## What is Auth0?
+
+Auth0 helps you to:
+
+* Add authentication with [multiple authentication sources](https://docs.auth0.com/identityproviders), either social like **Google, Facebook, Microsoft Account, LinkedIn, GitHub, Twitter, Box, Salesforce, amont others**, or enterprise identity systems like **Windows Azure AD, Google Apps, Active Directory, ADFS or any SAML Identity Provider**.
+* Add authentication through more traditional **[username/password databases](https://docs.auth0.com/mysql-connection-tutorial)**.
+* Add support for **[linking different user accounts](https://docs.auth0.com/link-accounts)** with the same user.
+* Support for generating signed [Json Web Tokens](https://docs.auth0.com/jwt) to call your APIs and **flow the user identity** securely.
+* Analytics of how, when and where users are logging in.
+* Pull data from other sources and add it to the user profile, through [JavaScript rules](https://docs.auth0.com/rules).
+
+## Create a free Auth0 account
+
+1. Go to [Auth0](https://auth0.com/signup) and click Sign Up.
+2. Use Google, GitHub or Microsoft Account to login.
+
+## Issue Reporting
+
+If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The [Responsible Disclosure Program](https://auth0.com/whitehat) details the procedure for disclosing security issues.
+
+## Author
+
+[Auth0](auth0.com)
+
+## License
+
+This project is licensed under the MIT license. See the [LICENSE](LICENSE.txt) file for more info.
+

05-Token-Renewal/package.json

@@ -0,0 +1,28 @@
+{
+  "name": "token-renewal",
+  "version": "0.1.0",
+  "private": true,
+  "devDependencies": {
+    "react-scripts": "1.0.10"
+  },
+  "dependencies": {
+    "auth0-js": "^8.8.0",
+    "connect-static-file": "^1.2.0",
+    "cors": "^2.8.4",
+    "express": "^4.15.3",
+    "npm-run-all": "^4.0.2",
+    "react": "^15.6.1",
+    "react-bootstrap": "^0.31.2",
+    "react-dom": "^15.6.1",
+    "react-router": "^4.1.2",
+    "react-router-dom": "^4.1.2"
+  },
+  "scripts": {
+    "start": "npm-run-all --parallel server:start client:start",
+    "client:start": "react-scripts start",
+    "server:start": "node server.js",
+    "build": "react-scripts build",
+    "test": "react-scripts test --env=jsdom",
+    "eject": "react-scripts eject"
+  }
+}

05-Token-Renewal/public/favicon.ico

@@ -0,0 +1,40 @@
+<!doctype html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+    <meta name="theme-color" content="#000000">
+    <!--
+      manifest.json provides metadata used when your web app is added to the
+      homescreen on Android. See https://developers.google.com/web/fundamentals/engage-and-retain/web-app-manifest/
+    -->
+    <link rel="manifest" href="%PUBLIC_URL%/manifest.json">
+    <link rel="shortcut icon" href="%PUBLIC_URL%/favicon.ico">
+    <!--
+      Notice the use of %PUBLIC_URL% in the tags above.
+      It will be replaced with the URL of the `public` folder during the build.
+      Only files inside the `public` folder can be referenced from the HTML.
+
+      Unlike "/favicon.ico" or "favicon.ico", "%PUBLIC_URL%/favicon.ico" will
+      work correctly both with client-side routing and a non-root public URL.
+      Learn how to configure a non-root public URL by running `npm run build`.
+    -->
+    <title>React App</title>
+  </head>
+  <body>
+    <noscript>
+      You need to enable JavaScript to run this app.
+    </noscript>
+    <div id="root"></div>
+    <!--
+      This HTML file is a template.
+      If you open it directly in the browser, you will see an empty page.
+
+      You can add webfonts, meta tags, or analytics to this file.
+      The build step will place the bundled scripts into the <body> tag.
+
+      To begin the development, run `npm start` or `yarn start`.
+      To create a production bundle, use `npm run build` or `yarn build`.
+    -->
+  </body>
+</html>

05-Token-Renewal/public/index.html

@@ -0,0 +1,15 @@
+{
+  "short_name": "React App",
+  "name": "Create React App Sample",
+  "icons": [
+    {
+      "src": "favicon.ico",
+      "sizes": "192x192",
+      "type": "image/png"
+    }
+  ],
+  "start_url": "./index.html",
+  "display": "standalone",
+  "theme_color": "#000000",
+  "background_color": "#ffffff"
+}

05-Token-Renewal/public/manifest.json

@@ -0,0 +1,10 @@
+const express = require('express');
+const app = express();
+const cors = require('cors');
+const staticFile = require('connect-static-file');
+
+app.use(cors());
+app.use('/silent', staticFile(`${__dirname}/silent.html`));
+
+app.listen(3001);
+console.log('Server listening on http://localhost:3001. The React app will be built and served at http://localhost:4200.');

05-Token-Renewal/server.js

@@ -0,0 +1,30 @@
+<!doctype html>
+<html>
+<head>
+  <meta charset="utf-8">
+  <script src="https://cdn.auth0.com/js/auth0/8.8/auth0.min.js"></script>
+  <script>
+    var AUTH0_CLIENT_ID = '{CLIENT_ID}';
+    var AUTH0_DOMAIN = '{DOMAIN}';
+
+    if (!AUTH0_CLIENT_ID || !AUTH0_DOMAIN) {
+      alert('Make sure to set the AUTH0_CLIENT_ID and AUTH0_DOMAIN variables in silent.html.');
+    }
+
+    var webAuth = new auth0.WebAuth({
+      domain: AUTH0_DOMAIN,
+      clientID: AUTH0_CLIENT_ID,
+      scope: 'openid profile',
+      responseType: 'token id_token',
+      redirectUri: 'http://localhost:3000'
+    });
+  </script>
+  <script>
+    webAuth.parseHash(window.location.hash, function (err, response) {
+      parent.postMessage(err || response, 'http://localhost:3000');
+    });
+  </script>
+</head>
+<body></body>
+</html>
+

05-Token-Renewal/silent.html

@@ -0,0 +1,3 @@
+.btn-margin {
+  margin: 7px 3px;
+}