@konrad.sopala @bpliska Here we go…it’s been a long time since I messed with any of this, so please excuse the brevity. I’m just going to list the rules I have added for my user “sign up” flow.
- This first rule adds a “signedUp” attribute to a new user’s app_metadata, which is then used during step 2, when I create the user and profile. This is how I handle first-time social user signups; see the comments in the last part of step 2, where I explain.
/**
 * Auth0 rule: mark users on their first login by setting
 * app_metadata.signedUp to false and persisting it.
 *
 * Users whose app_metadata already has a signedUp value (true or false)
 * pass straight through without a write.
 *
 * @param {object} user - Auth0 user profile; app_metadata is created if absent.
 * @param {object} context - Auth0 rule context, passed through unchanged.
 * @param {function} callback - Rule continuation: (err) or (null, user, context).
 */
function signedUpAttribute(user, context, callback) {
  if (!user.app_metadata) {
    user.app_metadata = {};
  }
  const metadata = user.app_metadata;

  // Any defined value means an earlier login already went through this rule.
  const alreadySeen = metadata.signedUp !== undefined;
  if (alreadySeen) {
    return callback(null, user, context);
  }

  const onSaved = function () {
    callback(null, user, context);
  };
  const onFailed = function (err) {
    callback(err);
  };

  // First login: record the flag, then continue once it has been persisted.
  metadata.signedUp = false;
  auth0.users
    .updateAppMetadata(user.user_id, metadata)
    .then(onSaved)
    .catch(onFailed);
}
- This second rule creates a backend user and profile in myApp’s DB that will represent the user in auth0:
function createMyAppUserForSocial(user, context, callback) {
var clientCreds = '';
var profileId = 0;
var axios = require('axios');
var namespace = 'https://myapp.com/';
user.app_metadata = user.app_metadata || {};
function saveUser() {
console.log('######### Begin Saving MyApp User #########');
axios.put('https://api.myapp.com/api/user/save',
{
username: user.username,
email: user.email,
profileId: profileId
},
{
headers:
{
'Authorization': `Bearer ${clientCreds}`
}
})
.then(res => {
user.app_metadata.myAppId = res.data.id;
user.app_metadata.signedUp = true;
context.accessToken['https://www.myapp.com/myAppId'] = res.data.id;
try {
auth0.users.updateAppMetadata(user.user_id, user.app_metadata);
} catch (auth0Error) {
console.error('Error updating the user app_metadata: ' + auth0Error.message);
return callback(null, user, context);
}
console.log('######### Complete Saving MyApp User #########');
callback(null, user, context);
})
.catch(error => console.log(error));
}
function createProfile() {
console.log('######### Begin Creating MyApp Profile #########');
axios.put('https://api.myapp.com/api/profile/save',
{
description: 'Enter a few words to describe yourself.',
profileInfo: [
{
'address': '1234 Main Street',
'city': 'Dallas'
}]
},
{
headers:
{
'Authorization': `Bearer ${clientCreds}`
}
})
.then(res => {
profileId = res.data.id;
saveUser();
})
.catch(error => console.log(error));
}
if (user.app_metadata.signedUp === false) {
axios
.post('https://myapp.eu.auth0.com/oauth/token',
{
client_id: 'clientIdHere',
client_secret: 'clientSecretHere',
audience: 'https://myapp.com/',
grant_type: 'client_credentials'
})
.then(res => {
clientCreds = res.data.access_token;
createProfile();
console.log('##### User & Profile created #####');
})
.catch(error => console.log(error));
} else if (user.app_metadata.signedUp === true) {
// must use an elseif here...otherwise, if we just add the custom claim below
// (outside the if statement, there will be no
// myAppId to add and the accessToken will be returned w/o any custom claims for first time
// social signups
context.accessToken['https://www.myapp.com/myAppId'] = user.app_metadata.myAppId;
callback(null, user, context);
}
}
- This third rule adds the backend user ID to my auth0 user metadata:
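/**
 * Auth0 rule: add the authenticated user's myAppId to the access token as a
 * namespaced custom claim.
 *
 * @param {object} user - Auth0 user profile; app_metadata may be absent.
 * @param {object} context - Auth0 rule context; context.accessToken gets the claim.
 * @param {function} callback - Rule continuation, called as (null, user, context).
 */
function addMyAppIdToAccessToken(user, context, callback) {
  // NOTE(review): the second rule on this page writes the same id under
  // 'https://www.myapp.com/myAppId' (with "www"); confirm which claim name the API reads.
  var namespace = 'https://myapp.com/';
  // Guard like the other two rules do: a user without app_metadata would
  // otherwise throw here and abort the login.
  var appMetadata = user.app_metadata || {};
  // Only emit the claim when there is an id to put in it.
  if (appMetadata.myAppId !== undefined) {
    context.accessToken[namespace + 'myAppId'] = appMetadata.myAppId;
  }
  callback(null, user, context);
}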
Hope this helps, again sorry if any of this is unclear, it has been a long time since I set all this up. Best of luck to you!