Hey, there!
I have been trying to use auth0 actions to get some token caching working since we’ve been hitting the limit last month and I read about it in a thread in here.
Somehow my solution keeps retrying its execution endlessly when my action is active. I’ve burned throught our token limit in like 10 minutes and now I am at a loss what I’m doing wrong. I have been following this link here but it doesn’t seem to work for me.
// <user>.eu.auth0.com
// source: https://community.auth0.com/t/caching-m2m-access-token-in-actions/100734/4
// auth0@3.7.0
// jwt-decode@4.0.0
//
function loadConfigs(event) {
if (event.secrets.debug == "1") {
return {
domain: event.secrets.domain,
clientId: event.secrets.client_id,
clientSecret: event.secrets.client_secret,
audience: event.secrets.audience,
};
} else {
const requestBody = event.request.body;
return {
domain: "<user>.eu.auth0.com",
clientId: requestBody.client_id,
clientSecret: requestBody.client_secret,
audience: requestBody.audience,
};
}
}
function getCachedToken(api) {
try {
const cachedToken =
api.cache.get("first").value +
api.cache.get("second").value +
api.cache.get("third").value;
return cachedToken;
} catch {
return undefined;
}
}
function cacheToken(api, token) {
api.cache.set("first", token.slice(0, 2048));
api.cache.set("second", token.slice(2048, 4096));
api.cache.set("third", token.slice(4096));
}
async function handleTokenRequest(event, api) {
const auth0 = require("auth0");
const jwt_decode = require("jwt-decode");
const configs = loadConfigs(event);
const ManagementClient = auth0.ManagementClient;
const cachedToken = getCachedToken(api);
let current_time = Date.now().valueOf() / 1000;
if (cachedToken != undefined) {
var decoded = jwt_decode(cachedToken);
}
//Initialize management client with existing token to use against Management API
if (cachedToken != undefined && decoded.exp > current_time) {
var management = new ManagementClient({
token: cachedToken,
domain: configs.domain,
});
// return early
return;
}
//Initialize management client with new token to use against Management API
var management = new ManagementClient({
domain: configs.domain,
clientId: configs.clientId,
clientSecret: configs.clientSecret,
audience: configs.audience,
tokenProvider: {
enableCache: true,
cacheTTLInSeconds: 86400,
},
});
const newToken = await management.getAccessToken();
cacheToken(api, newToken);
management = new ManagementClient({
token: newToken,
domain: configs.domain,
});
}
exports.onExecuteCredentialsExchange = async (event, api) => {
try {
await handleTokenRequest(event, api);
} catch (err) {
api.access.deny("server_error", err);
}
};