Problem statement
Is it possible to dynamically set baseURL
on a per-request basis instead of defined statically one time?
The environments where we deploy our applications can be accessed from multiple clients. However, it looks like this library can’t handle this setup because we have to pass baseUrl to the middleware. But technically, the app instance has more than one baseUrl.
Troubleshooting
The same question was raised here:
opened 07:32AM - 08 Mar 21 UTC
closed 12:02AM - 10 Mar 21 UTC
question
### Describe the problem you'd like to have solved
Not sure if this is a feat… ure request, or we're just overlooking something and need someone to point us in the right direction, but here it goes...
The environments we deploy our applications on can be accessed my multiple URLs (usually one internet and one intranet). However it looks like this package (or maybe even Auth0 in general?) can't handle this setup, because we have to pass `baseUrl` to the middleware. But technically, the app instance has more than one `baseUrl`.
### Describe the ideal solution
Do we need to explicitly pass the `baseUrl`? Couldn't this be inferred from the request object?
I noticed in [context.js](https://github.com/auth0/express-openid-connect/blob/3adcd922da3a1b4b4d516836d14e31af234706a3/lib/context.js#L181) it does default to using `req.originalUrl` for the `returnUrl`, and as far as I could tell, that's the only place where `baseUrl` is used, for the `returnUrl`.
Of course I only glanced through the source code, so I'm not 100% sure how everything works.
## Alternatives and current work-arounds
~~I have not yet been able to think of any workarounds.~~
Update: see comment below.
### Additional information, if any
I also did open a topic on the [Auth0 Community](https://community.auth0.com/t/multiple-domains-for-the-same-client/59053), because we hoping to get an answer if there's something we're overlooking as soon as possible. Or else we'll have to look at using a different middleware (which would make me sad, because this package is pretty awesome).
Solution
You can set this up when the app mounts, e.g. if you have 2 base URLs for the internet and intranet:
import { auth } from 'express-openid-connect';
const configParams = {
// ...my config
};
const internalBaseUrl = 'https://mycompany.local';;
const externalBaseUrl = 'https://mycompany.com';;
const internalAuth = auth({ ...configParams, baseURL: internalBaseUrl });
const externalAuth = auth({ ...configParams, baseURL: externalBaseUrl });
const auth0Mw = (req, res, next) => {
const baseURL = `${req.protocol}://${req.header('x-forwarded-host') || req.get('host')}`;
return (baseURL === internalBaseUrl ? internalAuth : externalAuth)(req, res, next);
};