Initial commit

.circleci/config.yml

@@ -0,0 +1,60 @@
+version: 2.1
+jobs:
+  test:
+    docker:
+      - image: circleci/node:10.15
+    working_directory: ~/repo
+    steps:
+      - checkout
+      - restore_cache:
+          keys:
+            - v1-dependencies-{{ checksum "package.json" }}
+            # fallback to using the latest cache if no exact match is found
+            - v1-dependencies-
+      - run: npm i
+      - save_cache:
+          paths:
+            - node_modules
+          key: v1-dependencies-{{ checksum "package.json" }}
+      - run: npm run test
+      - persist_to_workspace:
+          root: .
+          paths:
+            - .
+
+  deploy:
+    docker:
+      - image: circleci/node:10.15
+    steps:
+      - attach_workspace:
+          at: .
+      - restore_cache:
+          keys:
+            - npm-circleci-{{ checksum "package.lock" }}
+            - npm-circleci-
+      - run:
+          name: Install Serverless CLI and dependencies
+          command: npm i
+      - save_cache:
+          key: npm-circleci-{{ checksum "composer.lock" }}
+          paths:
+            - node_modules
+      - run:
+          name: Build and deploy lambda package
+          command: |
+            node .circlecli/bin/node_modules/serverless/bin/serverless deploy
+
+workflows:
+  version: 2.1
+  build-deploy:
+    jobs:
+      - test
+      - deploy:
+          requires:
+            - test
+          filters:
+            branches:
+              only: 
+                - master
+
+

.eslintrc

@@ -0,0 +1,92 @@
+{
+    "extends": "eslint:recommended",
+    "parserOptions": {
+      "ecmaVersion": 2017,
+      "sourceType": "module"
+    },
+    "env": {
+      "node": true,
+      "es6": true
+    },
+    "rules": {
+      "array-bracket-spacing": ["error", "never"],
+      "arrow-body-style": "off",
+      "arrow-parens": [2, "as-needed"],
+      "block-scoped-var": "error",
+      "block-spacing": ["error", "always"],
+      "brace-style": "error",
+      "comma-dangle": ["error", "always-multiline"],
+      "comma-spacing": "error",
+      "comma-style": "error",
+      "complexity": ["error", 8],
+      "computed-property-spacing": ["error", "never"],
+      "curly": ["error", "multi-line"],
+      "dot-location": ["error", "property"],
+      "dot-notation": "error",
+      "eqeqeq": ["error", "allow-null"],
+      "guard-for-in": "error",
+      "indent": ["error", 2, {"SwitchCase": 1}],
+      "key-spacing": ["error"],
+      "keyword-spacing": "error",
+      "no-alert": "error",
+      "no-bitwise": "error",
+      "no-caller": "error",
+      "no-case-declarations": "error",
+      "no-cond-assign": ["error", "except-parens"],
+      "no-console": "off",
+      "no-const-assign": "error",
+      "no-debugger": "error",
+      "no-div-regex": "error",
+      "no-duplicate-imports": "error",
+      "no-else-return": "error",
+      "no-empty": "error",
+      "no-eval": "error",
+      "no-extend-native": "error",
+      "no-irregular-whitespace": "error",
+      "no-iterator": "error",
+      "no-lone-blocks": "error",
+      "no-loop-func": "error",
+      "no-multiple-empty-lines": "error",
+      "no-multi-spaces": "error",
+      "no-multi-str": "error",
+      "no-new-wrappers": "error",
+      "no-proto": "error",
+      "no-return-assign": "error",
+      "no-script-url": "error",
+      "no-self-compare": "error",
+      "no-sequences": "error",
+      "no-spaced-func": "error",
+      "no-shadow": "error",
+      "no-undef": "error",
+      "no-undef-init": "error",
+      "no-unexpected-multiline": "error",
+      "no-unneeded-ternary": "error",
+      "no-unused-vars": ["error", {"args": "none"}],
+      "no-useless-concat": "error",
+      "no-useless-escape": "off",
+      "no-var": "error",
+      "no-whitespace-before-property": "error",
+      "no-with": "error",
+      "object-curly-spacing": ["error", "always"],
+      "one-var": ["error", "never"],
+      "operator-linebreak": ["error", "before", { "overrides": { "?": "after", ":": "after" } }],
+      "padded-blocks": ["error", "never"],
+      "prefer-const": "error",
+      "prefer-template": "error",
+      "quotes": ["error", "single"],
+      "quote-props": ["error", "consistent"],
+      "radix": ["error", "always"],
+      "semi": ["error", "always"],
+      "semi-spacing": ["error", {"before": false, "after": true }],
+      "space-before-blocks": "error",
+      "space-before-function-paren": ["error", "never"],
+      "space-in-parens": ["error", "never"],
+      "spaced-comment": ["error", "always"],
+      "space-infix-ops": "error",
+      "strict": "off",
+      "template-curly-spacing": ["error", "always"],
+      "valid-typeof": "error",
+      "wrap-iife": ["error", "inside"]
+    }
+  }
+

.gitignore

@@ -0,0 +1,38 @@
+# Logs
+logs
+*.log
+npm-debug.log*
+
+# Runtime data
+pids
+*.pid
+*.seed
+
+# Directory for instrumented libs generated by jscoverage/JSCover
+lib-cov
+
+# Coverage directory used by tools like istanbul
+coverage
+
+# nyc test coverage
+.nyc_output
+
+# Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
+.grunt
+
+# node-waf configuration
+.lock-wscript
+
+# Compiled binary addons (http://nodejs.org/api/addons.html)
+build/Release
+
+# Dependency directories
+node_modules
+jspm_packages
+
+# Optional npm cache directory
+.npm
+
+# Optional REPL history
+.node_repl_history
+*.zip

README.md

@@ -1,2 +1,15 @@
 # auth0-add-url
-Simple utility to programmatically add custom callback, web_origins, and allowed_callback_url's to Auth0 Clients.
+## Description
+auth0-add-url is a simple utility used to add custom url's Auth0 client applications.
+
+## Usage
+The function can be invoked with a single parameter with two base keys:
+
+```json
+{
+  secretEnv: `${ env }`,
+  url: 'https://test.roundingwell.com',
+}
+```
+
+The function updates the callbacks, web_origins, and allowed_logout_urls of the Auth0 environment defined in an AWS Secrets Manager secret.

index.js

@@ -0,0 +1,3 @@
+const handler = require('./lib/handler');
+
+module.exports.handler = handler;

lib/auth0tools.js

@@ -0,0 +1,42 @@
+var auth0 = require('auth0');
+const ManagementClient = auth0.ManagementClient;
+
+module.exports = {
+  async addAuth0Url(credentials, url) {
+    if (typeof credentials.Auth0ClientDomain === 'undefined') {
+      throw new Error('Auth0ClientDomain is required in the credentials parameter');
+    }
+    if (typeof credentials.Auth0MgmtApiClientId === 'undefined') {
+      throw new Error('Auth0MgmtApiClientId is required in the credentials parameter');
+    }
+    if (typeof credentials.Auth0MgmtApiSecret === 'undefined') {
+      throw new Error('Auth0MgmtApiSecret is required in the credentials parameter');
+    }
+    if (typeof credentials.Auth0ClientID === 'undefined') {
+      throw new Error('Auth0ClientID is required in the credentials parameter');
+    }
+    if (typeof url === 'undefined') {
+      throw new Error('url is required');
+    }
+    const mgmt = new ManagementClient({
+      domain: credentials.Auth0ClientDomain,
+      clientId: credentials.Auth0MgmtApiClientId,
+      clientSecret: credentials.Auth0MgmtApiSecret,
+    });
+    const client = await mgmt.getClient({
+      client_id: credentials.Auth0ClientID,
+    });
+    return mgmt.updateClient(
+      {
+        client_id: credentials.Auth0ClientID,
+      },
+      {
+        callbacks: client.callbacks.concat([`${ url }/authenticated`]),
+        web_origins: client.web_origins.concat([url]),
+        allowed_logout_urls: client.allowed_logout_urls.concat([url]),
+      },
+    ).then(result => {
+      return result;
+    });
+  },
+};

lib/handler.js

@@ -0,0 +1,29 @@
+var secrets = require('./secrets');
+// Known bug with rewire. Need to cast as var 
+var  auth0tools = require('./auth0tools');
+const Promise = require('bluebird');
+
+const handler = async (event, context) => {
+  if (typeof event.secretEnv === 'undefined') {
+    throw new Error('secretEnv is required');
+  }
+  const secretEnv = event.secretEnv;
+  if (typeof event.url === 'undefined') {
+    throw new Error('url is required');
+  }
+  const url = event.url;
+  const secret = await secrets.getSecret(`${ secretEnv }/env`);
+  return await auth0tools.addAuth0Url(secret, url);
+};
+
+module.exports = function(event, context, cb) {
+  return Promise.try(() => handler(event, context))
+    .then(result => {
+      cb(null);
+      return result;
+    })
+    .catch(err => {
+      cb(err);
+      throw err;
+    });
+};

lib/secrets.js

@@ -0,0 +1,21 @@
+const SecretsManager = require('aws-sdk').SecretsManager;
+
+module.exports = {
+  async getSecret(secretPath, key = 'all', region = 'us-west-2') {
+    if (secretPath === undefined) {
+      throw new Error('secretPath is required');
+    }
+    const mgr = new SecretsManager({
+      region,
+    });
+    const payload = {
+      SecretId: secretPath,
+    };
+    const data = await mgr.getSecretValue(payload).promise();
+    const secret = JSON.parse(data.SecretString);
+    if (key === 'all') {
+      return secret;
+    }
+    return secret[key];
+  },
+};