Merge pull request #156 from meza/next

Who's afraid of 138?

.github/workflows/ci.yml

@@ -6,6 +6,9 @@ env:
   LEFTHOOK: 0
 
 permissions:
+  issues: read
+  checks: write
+  contents: write
   pull-requests: write
 
 jobs:

README.md

@@ -255,17 +255,94 @@ export const action: ActionFunction = () => {
 };
 ```
 
-Combining the `forceLogin` and `forceSignup` parameters to control the behavior of the authorization request produce the following results:
+### Forcing a silent authentication
 
-| parameter                               | No existing session   | Existing session              |
-|-----------------------------------------|-----------------------|-------------------------------|
-| `{forceSignup: true}`                   | Shows the signup page | Redirects to the callback url |
-| `{forceLogin: true}`                    | Shows the login page  | Shows the login page          |
-| `{forceSignup: true, forceLogin: true}` | Shows the signup page | Shows the signup page         |
+You can force the user to the sign-up page by passing in the `forceSignup` option to the `authorize` method.
+
+```tsx
+// src/routes/auth/auth0.ts
+import { authenticator } from '../../auth.server';
+import type { ActionFunction } from '@remix-run/node';
+
+export const action: ActionFunction = () => {
+  authenticator.authorize({
+    silentAuth: true
+  });
+};
+```
+
+Combining the `forceLogin`, `forceSignup` and `silentAuth` parameters to control the behavior of the authorization request produce the following results:
+
+| parameter                               | No existing session      | Existing session              |
+|-----------------------------------------|--------------------------|-------------------------------|
+| `{forceSignup: true}`                   | Shows the signup page    | Redirects to the callback url |
+| `{forceLogin: true}`                    | Shows the login page     | Shows the login page          |
+| `{forceSignup: true, forceLogin: true}` | Shows the signup page    | Shows the signup page         |
+| `{silentAuth: true, forceLogin: true}`  | Type Error / Silent auth | Type Error / Silent auth      |
+| `{silentAuth: true, forceSignup: true}` | Needs testing            | Needs testing                 |
+
+
+### Adding a connection
+
+You can also specify the name of the connection configured to your application.
+
+```tsx
+// src/routes/auth/auth0.ts
+import { authenticator } from '../../auth.server';
+import type { ActionFunction } from '@remix-run/node';
+
+export const action: ActionFunction = () => {
+  authenticator.authorize({
+    connection: 'google'
+  });
+};
+```
 
+### Adding custom redirect url parameters
+
+You can also specify custom parameters to be added to the redirect url.
+
+```tsx
+// src/routes/auth/auth0.ts
+import { authenticator } from '../../auth.server';
+import type { ActionFunction } from '@remix-run/node';
+
+export const action: ActionFunction = () => {
+  authenticator.authorize({
+    callbackParams: {
+      foo: 'bar'
+    }
+  });
+};
+```
+
+### Adding a redirect url override for each authorization request
+
+You can also specify a redirect url to be used for each authorization request.
+This will override the default redirect url that you specified when you created the authenticator.
+
+```tsx
+// src/routes/auth/callback.tsx
+import { authenticator } from '../../auth.server';
+import type { ActionFunction } from '@remix-run/node';
+
+export const action: ActionFunction = async ({ request }) => {
+  await authenticator.handleCallback(request, {
+    onSuccessRedirect: '/dashboard', // change this to be wherever you want to redirect to after a successful login
+    onFailureRedirect: '/login' // change this to be wherever you want to redirect to after a failed login
+  });
+};
+```
 
 ## Errors
 
+### Authorization errors
+
+When the authorization process fails, the failure redirect url will be called with an `error` query parameter that
+contains the error code auth0 has given us.
+
+### Verification errors
+
 The verification errors each have a `code` property that you can use to determine what went wrong.
 
 | Code                            | Description                        |

src/Auth0RemixTypes.ts

@@ -79,11 +79,18 @@ export interface Auth0RemixOptions {
   credentialsCallback?: Auth0CredentialsCallback;
 }
 
-export interface AuthorizeOptions {
-  forceLogin?: boolean;
+interface BaseAuthorizeOptions {
+  callbackParams?: Record<string, string>;
   forceSignup?: boolean;
+  connection?: string;
 }
 
+// Make the `silentAuth` and `forceLogin` options mutually exclusive
+export type AuthorizeOptions =
+  BaseAuthorizeOptions & { silentAuth?: boolean; forceLogin?: never; }
+  | BaseAuthorizeOptions & { forceLogin?: boolean; silentAuth?: never; }
+
 export interface HandleCallbackOptions {
   onSuccessRedirect?: string;
+  onFailureRedirect?: string;
 }

src/__snapshots__/index.test.ts.snap

@@ -14,8 +14,14 @@ exports[`Auth0 Remix Server > logging out > calls the correct url 1`] = `"https:
 
 exports[`Auth0 Remix Server > logging out > includes the headers supplied 1`] = `"https://test.domain.com/v2/logout?client_id=clientId&returnTo=http%3A%2F%2Flocalhost%3A3000%2Flogout-with-headers"`;
 
+exports[`Auth0 Remix Server > the authorization process > adds custom callback url parameters 1`] = `"https://test.domain.com/authorize?response_type=code&response_mode=form_post&client_id=clientId&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth0%2Fcallback%3Ftest1%3DtestA%26test2%3DtestB%26test3%3DtestC&scope=offline_access+openid+profile+email&audience=https%3A%2F%2Ftest.domain.com%2Fapi%2Fv2%2F"`;
+
+exports[`Auth0 Remix Server > the authorization process > adds the connection when needed 1`] = `"https://test.domain.com/authorize?response_type=code&response_mode=form_post&client_id=clientId&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth0%2Fcallback&scope=offline_access+openid+profile+email&audience=https%3A%2F%2Ftest.domain.com%2Fapi%2Fv2%2F&connection=google"`;
+
 exports[`Auth0 Remix Server > the authorization process > adds the organisation if needed 1`] = `"https://test.domain.com/authorize?response_type=code&response_mode=form_post&client_id=clientId&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth0%2Fcallback&scope=offline_access+openid+profile+email&audience=https%3A%2F%2Ftest.domain.com%2Fapi%2Fv2%2F&organization=test-org"`;
 
+exports[`Auth0 Remix Server > the authorization process > does silent auth if asked 1`] = `"https://test.domain.com/authorize?response_type=code&response_mode=form_post&client_id=clientId&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth0%2Fcallback&scope=offline_access+openid+profile+email&audience=https%3A%2F%2Ftest.domain.com%2Fapi%2Fv2%2F&prompt=none"`;
+
 exports[`Auth0 Remix Server > the authorization process > forces the login if asked 1`] = `"https://test.domain.com/authorize?response_type=code&response_mode=form_post&client_id=clientId&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth0%2Fcallback&scope=offline_access+openid+profile+email&audience=https%3A%2F%2Ftest.domain.com%2Fapi%2Fv2%2F&prompt=login"`;
 
 exports[`Auth0 Remix Server > the authorization process > forces the signup if asked 1`] = `"https://test.domain.com/authorize?response_type=code&response_mode=form_post&client_id=clientId&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth0%2Fcallback&scope=offline_access+openid+profile+email&audience=https%3A%2F%2Ftest.domain.com%2Fapi%2Fv2%2F&screen_hint=signup"`;