pkce-auth

pkce-auth is minimal library to ease implementing PKCE flows with Auth0.js.

Usage

PKCEAuth(domain, clientId, redirectUri)

Class PKCEAuth is the main helper class, which implements PKCEAuth.

• domain - Your Auth0 domain.
• clientId - Your ClientId from Auth0 Dashboard.
• redirectUri - The redirectUri where to redirect to.

Properties

• client - The internal Auth0.js Instance.
• keys - Object containing codeChallenge and codeVerifier, where challenge is the SHA256'd version of codeVerifier

Methods

buildAuthorizeUrl(params)

Returns the authorize url which can then be used to initiate the login flow, you can pass all arguments you can pass to buildAuthorizeUrl in Auth0.js this will let all arguments but the PKCE specific (responseType, codeChallenge, codeChallengeMethod) pass through.

handleCallback(url, cb)

This function takes two arguments first the url that was returned at the end of the redirect handshake, this should be your redirectUri with additional properties. The second argument is a callback function which follows node style callback convention and will respond with authResult.

Usage Example

In Chrome using Google's launchWebAuthflow you can simple implement a login flow as follows.

const pkceAuth = new PKCEAuth(domain, clientId, redirectUri);
const authorizeUrl = pkceAuth.buildAuthorize(params);
chrome.identity.launchWebAuthflow(authorizeUrl, function (callbackUrl){
   // handle error
   if (chrome.runtime.lastError) return;
   pkceAuth.handleCallback(url, function (err, authResult) {
      if (err) return console.log(err);
      console.log(authResult);
   });
});