Add hook support for authenticating using Password Realm grant

auth0 · Jan 24, 2025 · 5ea505d · 5ea505d
1 parent 1510b11
commit 5ea505d
Show file tree

Hide file tree

Showing 4 changed files with 90 additions and 2 deletions.
diff --git a/src/hooks/__tests__/use-auth0.spec.jsx b/src/hooks/__tests__/use-auth0.spec.jsx
@@ -65,6 +65,8 @@ const mockAuth0 = {
     loginWithOTP: jest.fn().mockResolvedValue(mockCredentials),
     loginWithRecoveryCode: jest.fn().mockResolvedValue(mockCredentials),
     hasValidCredentials: jest.fn().mockResolvedValue(),
+    loginWithRecoveryCode: jest.fn().mockResolvedValue(mockCredentials),
+    passwordRealm: jest.fn().mockResolvedValue(mockCredentials),
   },
   credentialsManager: {
     getCredentials: jest.fn().mockResolvedValue(mockCredentials),
@@ -781,6 +783,64 @@ describe('The useAuth0 hook', () => {
     expect(result.current.error).toBe(mockAuthError);
   });
 
+  it('can authorize with password realm, passing through all parameters', async () => {
+    const { result } = renderHook(() => useAuth0(), {
+      wrapper,
+    });
+
+    let promise = result.current.authorizeWithPasswordRealm({
+      username: '[email protected]',
+      password: 'random-password',
+      realm: 'react-native-sample-app',
+    });
+
+    await waitFor(() => expect(result.current.isLoading).toBe(false));
+
+    expect(mockAuth0.auth.passwordRealm).toHaveBeenCalledWith({
+      username: '[email protected]',
+      password: 'random-password',
+      realm: 'react-native-sample-app',
+    });
+
+    let credentials;
+    await act(async () => {
+      credentials = await promise;
+    });
+    expect(credentials).toEqual({
+      idToken:
+        'eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxIiwiaXNzIjoiaHR0cHM6Ly9hdXRoMC5jb20iLCJhdWQiOiJjbGllbnQxMjMiLCJuYW1lIjoiVGVzdCBVc2VyIiwiZmFtaWx5X25hbWUiOiJVc2VyIiwicGljdHVyZSI6Imh0dHBzOi8vaW1hZ2VzL3BpYy5wbmcifQ==.c2lnbmF0dXJl',
+      accessToken: 'ACCESS TOKEN',
+    });
+  });
+
+  it('sets the user prop after successful authentication', async () => {
+    const { result } = renderHook(() => useAuth0(), {
+      wrapper,
+    });
+
+    result.current.authorizeWithPasswordRealm();
+    await waitFor(() => expect(result.current.isLoading).toBe(false));
+
+    expect(result.current.user).toMatchObject({
+      name: 'Test User',
+      familyName: 'User',
+      picture: 'https://images/pic.png',
+    });
+  });
+
+  it('does not set user prop when authentication fails', async () => {
+    mockAuth0.auth.passwordRealm.mockRejectedValue(mockAuthError);
+    const { result } = renderHook(() => useAuth0(), {
+      wrapper,
+    });
+
+    result.current.authorizeWithPasswordRealm();
+    await waitFor(() => expect(result.current.isLoading).toBe(false));
+
+    expect(result.current.user).toBeNull();
+    expect(result.current.error).toBe(mockAuthError);
+  });
+
   it('can clear the session', async () => {
     const { result } = renderHook(() => useAuth0(), {
       wrapper,

diff --git a/src/hooks/auth0-context.ts b/src/hooks/auth0-context.ts
@@ -14,6 +14,7 @@ import {
   WebAuthorizeParameters,
   PasswordlessWithSMSOptions,
   ClearSessionOptions,
+  PasswordRealmOptions,
 } from '../types';
 
 export interface Auth0ContextInterface<TUser extends User = User>
@@ -105,6 +106,12 @@ export interface Auth0ContextInterface<TUser extends User = User>
    * Clears the user's credentials without clearing their web session and logs them out.
    */
   clearCredentials: () => Promise<void>;
+  /**
+   * Authorize user with credentials using the Password Realm Grant. See {@link Auth#passwordRealm}
+   */
+  authorizeWithPasswordRealm: (
+    parameters: PasswordRealmOptions
+  ) => Promise<Credentials | undefined>;
 }
 
 export interface AuthState<TUser extends User = User> {
@@ -143,6 +150,7 @@ const initialContext = {
   clearSession: stub,
   getCredentials: stub,
   clearCredentials: stub,
+  authorizeWithPasswordRealm: stub,
 };
 
 const Auth0Context = createContext<Auth0ContextInterface>(initialContext);

diff --git a/src/hooks/auth0-provider.tsx b/src/hooks/auth0-provider.tsx
@@ -25,6 +25,7 @@ import {
   User,
   WebAuthorizeOptions,
   WebAuthorizeParameters,
+  PasswordRealmOptions,
 } from '../types';
 import { CustomJwtPayload } from '../internal-types';
 import { convertUser } from '../utils/userConversion';
@@ -301,6 +302,22 @@ const Auth0Provider = ({
     [client]
   );
 
+  const authorizeWithPasswordRealm = useCallback(
+    async (parameters: PasswordRealmOptions) => {
+      try {
+        const credentials = await client.auth.passwordRealm(parameters);
+        const user = getIdTokenProfileClaims(credentials.idToken);
+        await client.credentialsManager.saveCredentials(credentials);
+        dispatch({ type: 'LOGIN_COMPLETE', user });
+        return credentials;
+      } catch (error) {
+        dispatch({ type: 'ERROR', error });
+        return;
+      }
+    },
+    [client]
+  );
+
   const hasValidCredentials = useCallback(
     async (minTtl: number = 0) => {
       return await client.credentialsManager.hasValidCredentials(minTtl);
@@ -334,6 +351,7 @@ const Auth0Provider = ({
       clearSession,
       getCredentials,
       clearCredentials,
+      authorizeWithPasswordRealm,
     }),
     [
       state,
@@ -350,6 +368,7 @@ const Auth0Provider = ({
       clearSession,
       getCredentials,
       clearCredentials,
+      authorizeWithPasswordRealm,
     ]
   );
 

diff --git a/src/hooks/use-auth0.ts b/src/hooks/use-auth0.ts
@@ -25,10 +25,11 @@ import Auth0Context, { Auth0ContextInterface } from './auth0-context';
  *   clearSession,
  *   getCredentials,
  *   clearCredentials,
- *   requireLocalAuthentication
+ *   requireLocalAuthentication,
+ *   authorizeWithPasswordRealm,
  * } = useAuth0();
  * ```
- * 
+ *
  * Refer to {@link Auth0ContextInterface} on how to use the above methods.
  */
 const useAuth0 = () => useContext(Auth0Context);