Post User Registration Action - Module Not Found

shester · July 14, 2023, 8:16pm

I am attempting to add a default role in an action:

exports.onExecutePostUserRegistration = async (event, api) => {
    const ManagementClient = require('auth0').ManagementClient;

    const management = new ManagementClient({
        domain: event.secrets.domain,
        clientId: event.secrets.clientId,
        clientSecret: event.secrets.clientSecret,
    });

    const params =  { id : event.user.user_id};
    var data = { "roles" : ['rol_7OQ4PJQWyE0R0eQC']};

  management.assignRolestoUser(params, data, function (err) {
    if (err) {
      console.log(err)
    }
    else {
      console.log(`role ${data} successfully assigned to ${event.user.email}`)
    }
  });
};

However, this doesn’t seem to be working. I’ve checked the following:

The custom action is added in the Post User Registration flow between Start and Complete
The role ID is correct
I’ve attempted to check the logs under Monitoring → Logs (couldn’t find anything)
Run “test” on my action

When I run “test”, i get the following test results:

Test Results
Error:

{
  "code": "MODULE_NOT_FOUND",
  "message": "Cannot find module 'auth0'\nRequire stack:\n- /data/io/node18-actions/c1595553-1962-4752-8327-f211bf654dcc/webtask.js",
  "name": "Error",
  "stack": "Error: Cannot find module 'auth0'\nRequire stack:\n- /data/io/node18-actions/c1595553-1962-4752-8327-f211bf654dcc/webtask.js\n    at Module._resolveFilename (node:internal/modules/cjs/loader:1075:15)\n    at WebtaskModule._resolveFilename (/data/sandbox/lib/module.js:117:17)\n    at WebtaskModule.require (/data/sandbox/lib/module.js:196:37)\n    at require (/data/sandbox/lib/module.js:237:17)\n    at exports.onExecutePostUserRegistration (/data/io/node18-actions/c1595553-1962-4752-8327-f211bf654dcc/webtask.js:9:30)\n    at /data/io/f41345ae72392489c66a6a20d70b9659ecd408a1.js:5:890\n    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)"
}

Stats:

{
  "total_request_duration_ms": 265,
  "total_runtime_execution_duration_ms": 261,
  "runtime_processing_duration_ms": 5,
  "action_duration_ms": 188,
  "runtime_external_call_duration_ms": 68,
  "boot_duration_ms": 73,
  "network_duration_ms": 5
}

I thought Node v18 was the issue so I created the same action using Node v16. When I test, I have no issues. However, it still does not add the role to the user.

I do not want to add RBAC, but I tried turning that on with permissions as well. Still no luck.

I am attempting to manage roles-only in Auth0 and add to a Hasura claim. My post login action to add the claims is working, but it’s of no use without this default role setup.

Note: I also tried setting my Extensibility to Node 18 and it made no difference. I also thought that maybe the fact that I kept adding and deleting the same user was causing the issue since the history persisted across deletions so maybe the post registration action doesn’t fire in that case? I tried creating other users to test this theory and it still didn’t work.

Please help. Thanks.

rueben.tiow · July 15, 2023, 4:17am

Hi @shester,

Thanks for reaching out to the Auth0 Community!

The “Module Not Found” error happens when a module used in your Action script has not been added as a dependency. This error is now thrown when using Node 18 in Actions.

In this case, you will need to specify the auth0 module as a dependency in the Action script’s Dependencies section. See below:

If you require additional modules, please check out our Can I require? - Search which node modules you can use in webtask.io.

Next, when looking at your code snippet I don’t see anything that stands out to be an issue with the script not adding the role. It might be helpful to follow the guide provided in our How can I use the Management API in Actions? FAQ to see if you can get it working that way.

Please let me know how this goes for you.

Thanks,
Rueben

shester · July 15, 2023, 1:17pm

Thanks. I was able to solve my issue using the tutorial you provided: How can I use the Management API in Actions?

However, I want to point out that on step 2, it says “2. Authorize it to use the Management API with the required scopes:” and only shows the need for the update:roles permission. When providing this permission alone, it did not work:

{
  "action_name": "Assign Role On First Login",
  "response": {
    "logs": "Forbidden: Insufficient scope, expected any of: read:roles,update:users,create:role_members\n    at /data/layers/layers-NCEn/NCEnN1oWAIpnwGrXpY_KwQ87kXoeGbwCOW9Qt4Ssh0M/node_modules/rest-facade/src/Client.js:402:25\n    at Request.callback (/data/layers/laye",
    "stats": {
      "total_request_duration_ms": 1017,
      "total_runtime_execution_duration_ms": 1013,
      "runtime_processing_duration_ms": 5,
      "action_duration_ms": 1008,
      "boot_duration_ms": 5,
      "network_duration_ms": 4
    }
  },
  "started_at": "2023-07-15T13:11:04.503739087Z",
  "ended_at": "2023-07-15T13:11:05.521390576Z"
}

I also added the read:roles permission and it worked, though I assume adding any of the roles specified would do the trick read:roles,update:users,create:role_members

Just wanted to point this out. Maybe you could have someone update that blog post. Thanks.

rueben.tiow · July 20, 2023, 4:22pm

Hi @shester,

Thanks for your reply and for providing us with feedback on the required scopes. I have just tested your observation and was successfully able to assign a user to a role with only the update:roles scope. However, when checking the Management API’s Assign users to a role endpoint, it expects update:roles and create:role_members as the required scopes. I will look further into this and see what needs to be updated. Thanks for bringing this to our attention.

Please let us know if you have additional questions.

Thanks,
Rueben

system · August 3, 2023, 4:40pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.