├── public
    ├── favicon.ico
    ├── manifest.json
    └── index.html
├── src
    ├── index.css
    ├── AppSync.js
    ├── App.test.js
    ├── App.css
    ├── index.js
    ├── App.js
    ├── logo.svg
    └── registerServiceWorker.js
├── .gitignore
├── package.json
└── README.md


/public/favicon.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/dabit3/appsync-auth0/HEAD/public/favicon.ico


--------------------------------------------------------------------------------
/src/index.css:
--------------------------------------------------------------------------------
1 | body {
2 |   margin: 0;
3 |   padding: 0;
4 |   font-family: sans-serif;
5 | }
6 | 


--------------------------------------------------------------------------------
/src/AppSync.js:
--------------------------------------------------------------------------------
1 | export default {
2 |   "graphqlEndpoint": "<YOURGRAPHQLENDPOINT>",
3 |   "region": "us-east-1",
4 |   "authenticationType": "OPENID_CONNECT"
5 | }


--------------------------------------------------------------------------------
/src/App.test.js:
--------------------------------------------------------------------------------
 1 | import React from 'react';
 2 | import ReactDOM from 'react-dom';
 3 | import App from './App';
 4 | 
 5 | it('renders without crashing', () => {
 6 |   const div = document.createElement('div');
 7 |   ReactDOM.render(<App />, div);
 8 |   ReactDOM.unmountComponentAtNode(div);
 9 | });
10 | 


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
 1 | # See https://help.github.com/ignore-files/ for more about ignoring files.
 2 | 
 3 | # dependencies
 4 | /node_modules
 5 | 
 6 | # testing
 7 | /coverage
 8 | 
 9 | # production
10 | /build
11 | 
12 | # misc
13 | .DS_Store
14 | .env.local
15 | .env.development.local
16 | .env.test.local
17 | .env.production.local
18 | 
19 | npm-debug.log*
20 | yarn-debug.log*
21 | yarn-error.log*
22 | 


--------------------------------------------------------------------------------
/public/manifest.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "short_name": "React App",
 3 |   "name": "Create React App Sample",
 4 |   "icons": [
 5 |     {
 6 |       "src": "favicon.ico",
 7 |       "sizes": "64x64 32x32 24x24 16x16",
 8 |       "type": "image/x-icon"
 9 |     }
10 |   ],
11 |   "start_url": "./index.html",
12 |   "display": "standalone",
13 |   "theme_color": "#000000",
14 |   "background_color": "#ffffff"
15 | }
16 | 


--------------------------------------------------------------------------------
/src/App.css:
--------------------------------------------------------------------------------
 1 | .App {
 2 |   text-align: center;
 3 | }
 4 | 
 5 | .App-logo {
 6 |   animation: App-logo-spin infinite 20s linear;
 7 |   height: 80px;
 8 | }
 9 | 
10 | .App-header {
11 |   background-color: #222;
12 |   height: 150px;
13 |   padding: 20px;
14 |   color: white;
15 | }
16 | 
17 | .App-title {
18 |   font-size: 1.5em;
19 | }
20 | 
21 | .App-intro {
22 |   font-size: large;
23 | }
24 | 
25 | @keyframes App-logo-spin {
26 |   from { transform: rotate(0deg); }
27 |   to { transform: rotate(360deg); }
28 | }
29 | 


--------------------------------------------------------------------------------
/package.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "appsync-oidc",
 3 |   "version": "0.1.0",
 4 |   "private": true,
 5 |   "dependencies": {
 6 |     "auth0-js": "^9.7.3",
 7 |     "aws-appsync": "^1.3.2",
 8 |     "aws-appsync-react": "^1.1.2",
 9 |     "graphql-tag": "^2.9.2",
10 |     "react": "^16.4.1",
11 |     "react-apollo": "^2.1.9",
12 |     "react-dom": "^16.4.1",
13 |     "react-router-dom": "^4.3.1",
14 |     "react-scripts": "1.1.4"
15 |   },
16 |   "scripts": {
17 |     "start": "react-scripts start",
18 |     "build": "react-scripts build",
19 |     "test": "react-scripts test --env=jsdom",
20 |     "eject": "react-scripts eject"
21 |   }
22 | }
23 | 


--------------------------------------------------------------------------------
/src/index.js:
--------------------------------------------------------------------------------
 1 | import React from 'react';
 2 | import ReactDOM from 'react-dom';
 3 | import './index.css';
 4 | import App from './App';
 5 | import registerServiceWorker from './registerServiceWorker';
 6 | 
 7 | import AWSAppSyncClient from 'aws-appsync'
 8 | import AppSyncConfig from './AppSync'
 9 | import { ApolloProvider } from 'react-apollo'
10 | import { Rehydrated } from 'aws-appsync-react' // this needs to also be installed when working with React
11 | 
12 | 
13 | const client = new AWSAppSyncClient({
14 |   url: AppSyncConfig.graphqlEndpoint,
15 |   region: AppSyncConfig.region,
16 |   auth: {
17 |     type: AppSyncConfig.authenticationType,
18 |     jwtToken: () => {
19 |       const token = window.localStorage.getItem('AppSyncOIDCKey')
20 |       console.log('token:', token)
21 |       return token
22 |     }
23 |   }
24 | })
25 | 
26 | const WithProvider = () => (
27 |   <ApolloProvider client={client}>
28 |     <Rehydrated>
29 |       <App />
30 |     </Rehydrated>
31 |   </ApolloProvider>
32 | )
33 | 
34 | ReactDOM.render(<WithProvider />, document.getElementById('root'));
35 | registerServiceWorker();
36 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Authenticating AWS AppSync with Auth0
 2 | 
 3 | This repo goes along with the Medium blog post [Authenticating an AWS AppSync GraphQL API with Auth0](https://medium.com/@dabit3/authenticating-an-aws-appsync-graphql-api-with-auth0-48835691810a).
 4 | 
 5 | ### To use this repo, you must have the following credentials:
 6 | 
 7 | 1. An Auth0 API configured with RS256 signing algorithm for both general & OAuth signing.    
 8 | 2. AWS AppSync API configured with your Auth0 app domain.
 9 | 
10 | ## Getting started
11 | 
12 | 1. Clone the repo
13 | 
14 | ```bash
15 | git clone https://github.com/dabit3/appsync-auth0.git
16 | ```
17 | 
18 | 2. Change into the new directory
19 | 
20 | ```bash
21 | cd appsync-auth0
22 | ```
23 | 
24 | 3. Install dependencies
25 | 
26 | ```bash
27 | npm i
28 | # or
29 | yarn
30 | ```
31 | 
32 | 4. Update the AppSync graphqlEndpoint in AppSync.js with your AppSync endpoint.
33 | 
34 | 5. In App.js, configure the call to Auth0 with your credentials:
35 | 
36 | ```js
37 | this.auth0 = new auth0.WebAuth({
38 |   domain: '<YOURAPPDOMAIN>.auth0.com',
39 |   clientID: '<YOURCLIENTID>',
40 |   redirectUri: 'http://localhost:3000/callback',
41 |   audience: 'https://<YOURAPPDOMAIN>.auth0.com/userinfo',
42 |   responseType: 'token id_token',
43 |   scope: 'openid'
44 | });
45 | ```
46 | 
47 | 6. Run the app
48 | 
49 | ```bash
50 | npm start
51 | ```


--------------------------------------------------------------------------------
/public/index.html:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html lang="en">
 3 |   <head>
 4 |     <meta charset="utf-8">
 5 |     <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
 6 |     <meta name="theme-color" content="#000000">
 7 |     <!--
 8 |       manifest.json provides metadata used when your web app is added to the
 9 |       homescreen on Android. See https://developers.google.com/web/fundamentals/engage-and-retain/web-app-manifest/
10 |     -->
11 |     <link rel="manifest" href="%PUBLIC_URL%/manifest.json">
12 |     <link rel="shortcut icon" href="%PUBLIC_URL%/favicon.ico">
13 |     <!--
14 |       Notice the use of %PUBLIC_URL% in the tags above.
15 |       It will be replaced with the URL of the `public` folder during the build.
16 |       Only files inside the `public` folder can be referenced from the HTML.
17 | 
18 |       Unlike "/favicon.ico" or "favicon.ico", "%PUBLIC_URL%/favicon.ico" will
19 |       work correctly both with client-side routing and a non-root public URL.
20 |       Learn how to configure a non-root public URL by running `npm run build`.
21 |     -->
22 |     <title>React App</title>
23 |   </head>
24 |   <body>
25 |     <noscript>
26 |       You need to enable JavaScript to run this app.
27 |     </noscript>
28 |     <div id="root"></div>
29 |     <!--
30 |       This HTML file is a template.
31 |       If you open it directly in the browser, you will see an empty page.
32 | 
33 |       You can add webfonts, meta tags, or analytics to this file.
34 |       The build step will place the bundled scripts into the <body> tag.
35 | 
36 |       To begin the development, run `npm start` or `yarn start`.
37 |       To create a production bundle, use `npm run build` or `yarn build`.
38 |     -->
39 |   </body>
40 | </html>
41 | 


--------------------------------------------------------------------------------
/src/App.js:
--------------------------------------------------------------------------------
 1 | import React, { Component } from 'react';
 2 | import logo from './logo.svg';
 3 | import './App.css';
 4 | import { graphql } from 'react-apollo'
 5 | import gql from 'graphql-tag'
 6 | 
 7 | import auth0 from 'auth0-js';
 8 | 
 9 | import { BrowserRouter as Router, Route, Link } from "react-router-dom";
10 | 
11 | const query = gql`
12 |   query {
13 |     listDogs {
14 |       items {
15 |         name
16 |       }
17 |     }
18 |   }
19 | `
20 | 
21 | function getJsonFromUrl() {
22 |   var query = window.location.href.substr(0);
23 |   var result = {};
24 |   query.split("&").forEach(function(part) {
25 |     var item = part.split("=");
26 |     result[item[0]] = decodeURIComponent(item[1]);
27 |   });
28 |   return result;
29 | }
30 | 
31 | class App extends Component {
32 |   componentDidMount() {    
33 |     if (this.props.location.pathname === '/callback') {
34 |       const data = getJsonFromUrl()
35 |       const token = data['id_token']
36 |       
37 |       window.localStorage.setItem('AppSyncOIDCKey', token)
38 |       window.location.replace('http://localhost:3000')
39 |     }
40 |     this.auth0 = new auth0.WebAuth({
41 |       domain: '<YOURAPPDOMAIN>.auth0.com',
42 |       clientID: '<YOURCLIENTID>',
43 |       redirectUri: 'http://localhost:3000/callback',
44 |       audience: 'https://<YOURAPPDOMAIN>.auth0.com/userinfo',
45 |       responseType: 'token id_token',
46 |       scope: 'openid'
47 |     });
48 |   }
49 |   login = () => {
50 |     this.auth0.authorize();
51 |   }
52 |   render() {
53 |     console.log('props: ', this.props)
54 |     return (
55 |       <div className="App">
56 |         <header className="App-header">
57 |           <img src={logo} className="App-logo" alt="logo" />
58 |           <h1 className="App-title">Welcome to React</h1>
59 |         </header>
60 |         <div style={{ padding: 30 }}>
61 |           <button
62 |             onClick={this.login}
63 |           >Login</button>
64 |           {
65 |             this.props.data.listDogs && this.props.data.listDogs.items.map((item, index) => {
66 |               return (
67 |                 <p key={index}>{item.name}</p>
68 |               )
69 |             })
70 |           }
71 |         </div>
72 |       </div>
73 |     );
74 |   }
75 | }
76 | 
77 | App = graphql(query, {
78 |   options: {
79 |     fetchPolicy: 'cache-and-network'
80 |   }
81 | }
82 | )(App);
83 | 
84 | const AppWithRoutes = () => (
85 |   <Router>
86 |     <div>
87 |       <Route path="/" component={App} />
88 |     </div>
89 |   </Router>
90 | )
91 | 
92 | export default AppWithRoutes


--------------------------------------------------------------------------------
/src/logo.svg:
--------------------------------------------------------------------------------
1 | <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 841.9 595.3">
2 |     <g fill="#61DAFB">
3 |         <path d="M666.3 296.5c0-32.5-40.7-63.3-103.1-82.4 14.4-63.6 8-114.2-20.2-130.4-6.5-3.8-14.1-5.6-22.4-5.6v22.3c4.6 0 8.3.9 11.4 2.6 13.6 7.8 19.5 37.5 14.9 75.7-1.1 9.4-2.9 19.3-5.1 29.4-19.6-4.8-41-8.5-63.5-10.9-13.5-18.5-27.5-35.3-41.6-50 32.6-30.3 63.2-46.9 84-46.9V78c-27.5 0-63.5 19.6-99.9 53.6-36.4-33.8-72.4-53.2-99.9-53.2v22.3c20.7 0 51.4 16.5 84 46.6-14 14.7-28 31.4-41.3 49.9-22.6 2.4-44 6.1-63.6 11-2.3-10-4-19.7-5.2-29-4.7-38.2 1.1-67.9 14.6-75.8 3-1.8 6.9-2.6 11.5-2.6V78.5c-8.4 0-16 1.8-22.6 5.6-28.1 16.2-34.4 66.7-19.9 130.1-62.2 19.2-102.7 49.9-102.7 82.3 0 32.5 40.7 63.3 103.1 82.4-14.4 63.6-8 114.2 20.2 130.4 6.5 3.8 14.1 5.6 22.5 5.6 27.5 0 63.5-19.6 99.9-53.6 36.4 33.8 72.4 53.2 99.9 53.2 8.4 0 16-1.8 22.6-5.6 28.1-16.2 34.4-66.7 19.9-130.1 62-19.1 102.5-49.9 102.5-82.3zm-130.2-66.7c-3.7 12.9-8.3 26.2-13.5 39.5-4.1-8-8.4-16-13.1-24-4.6-8-9.5-15.8-14.4-23.4 14.2 2.1 27.9 4.7 41 7.9zm-45.8 106.5c-7.8 13.5-15.8 26.3-24.1 38.2-14.9 1.3-30 2-45.2 2-15.1 0-30.2-.7-45-1.9-8.3-11.9-16.4-24.6-24.2-38-7.6-13.1-14.5-26.4-20.8-39.8 6.2-13.4 13.2-26.8 20.7-39.9 7.8-13.5 15.8-26.3 24.1-38.2 14.9-1.3 30-2 45.2-2 15.1 0 30.2.7 45 1.9 8.3 11.9 16.4 24.6 24.2 38 7.6 13.1 14.5 26.4 20.8 39.8-6.3 13.4-13.2 26.8-20.7 39.9zm32.3-13c5.4 13.4 10 26.8 13.8 39.8-13.1 3.2-26.9 5.9-41.2 8 4.9-7.7 9.8-15.6 14.4-23.7 4.6-8 8.9-16.1 13-24.1zM421.2 430c-9.3-9.6-18.6-20.3-27.8-32 9 .4 18.2.7 27.5.7 9.4 0 18.7-.2 27.8-.7-9 11.7-18.3 22.4-27.5 32zm-74.4-58.9c-14.2-2.1-27.9-4.7-41-7.9 3.7-12.9 8.3-26.2 13.5-39.5 4.1 8 8.4 16 13.1 24 4.7 8 9.5 15.8 14.4 23.4zM420.7 163c9.3 9.6 18.6 20.3 27.8 32-9-.4-18.2-.7-27.5-.7-9.4 0-18.7.2-27.8.7 9-11.7 18.3-22.4 27.5-32zm-74 58.9c-4.9 7.7-9.8 15.6-14.4 23.7-4.6 8-8.9 16-13 24-5.4-13.4-10-26.8-13.8-39.8 13.1-3.1 26.9-5.8 41.2-7.9zm-90.5 125.2c-35.4-15.1-58.3-34.9-58.3-50.6 0-15.7 22.9-35.6 58.3-50.6 8.6-3.7 18-7 27.7-10.1 5.7 19.6 13.2 40 22.5 60.9-9.2 20.8-16.6 41.1-22.2 60.6-9.9-3.1-19.3-6.5-28-10.2zM310 490c-13.6-7.8-19.5-37.5-14.9-75.7 1.1-9.4 2.9-19.3 5.1-29.4 19.6 4.8 41 8.5 63.5 10.9 13.5 18.5 27.5 35.3 41.6 50-32.6 30.3-63.2 46.9-84 46.9-4.5-.1-8.3-1-11.3-2.7zm237.2-76.2c4.7 38.2-1.1 67.9-14.6 75.8-3 1.8-6.9 2.6-11.5 2.6-20.7 0-51.4-16.5-84-46.6 14-14.7 28-31.4 41.3-49.9 22.6-2.4 44-6.1 63.6-11 2.3 10.1 4.1 19.8 5.2 29.1zm38.5-66.7c-8.6 3.7-18 7-27.7 10.1-5.7-19.6-13.2-40-22.5-60.9 9.2-20.8 16.6-41.1 22.2-60.6 9.9 3.1 19.3 6.5 28.1 10.2 35.4 15.1 58.3 34.9 58.3 50.6-.1 15.7-23 35.6-58.4 50.6zM320.8 78.4z"/>
4 |         <circle cx="420.9" cy="296.5" r="45.7"/>
5 |         <path d="M520.5 78.1z"/>
6 |     </g>
7 | </svg>
8 | 


--------------------------------------------------------------------------------
/src/registerServiceWorker.js:
--------------------------------------------------------------------------------
  1 | // In production, we register a service worker to serve assets from local cache.
  2 | 
  3 | // This lets the app load faster on subsequent visits in production, and gives
  4 | // it offline capabilities. However, it also means that developers (and users)
  5 | // will only see deployed updates on the "N+1" visit to a page, since previously
  6 | // cached resources are updated in the background.
  7 | 
  8 | // To learn more about the benefits of this model, read https://goo.gl/KwvDNy.
  9 | // This link also includes instructions on opting out of this behavior.
 10 | 
 11 | const isLocalhost = Boolean(
 12 |   window.location.hostname === 'localhost' ||
 13 |     // [::1] is the IPv6 localhost address.
 14 |     window.location.hostname === '[::1]' ||
 15 |     // 127.0.0.1/8 is considered localhost for IPv4.
 16 |     window.location.hostname.match(
 17 |       /^127(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}$/
 18 |     )
 19 | );
 20 | 
 21 | export default function register() {
 22 |   if (process.env.NODE_ENV === 'production' && 'serviceWorker' in navigator) {
 23 |     // The URL constructor is available in all browsers that support SW.
 24 |     const publicUrl = new URL(process.env.PUBLIC_URL, window.location);
 25 |     if (publicUrl.origin !== window.location.origin) {
 26 |       // Our service worker won't work if PUBLIC_URL is on a different origin
 27 |       // from what our page is served on. This might happen if a CDN is used to
 28 |       // serve assets; see https://github.com/facebookincubator/create-react-app/issues/2374
 29 |       return;
 30 |     }
 31 | 
 32 |     window.addEventListener('load', () => {
 33 |       const swUrl = `${process.env.PUBLIC_URL}/service-worker.js`;
 34 | 
 35 |       if (isLocalhost) {
 36 |         // This is running on localhost. Lets check if a service worker still exists or not.
 37 |         checkValidServiceWorker(swUrl);
 38 | 
 39 |         // Add some additional logging to localhost, pointing developers to the
 40 |         // service worker/PWA documentation.
 41 |         navigator.serviceWorker.ready.then(() => {
 42 |           console.log(
 43 |             'This web app is being served cache-first by a service ' +
 44 |               'worker. To learn more, visit https://goo.gl/SC7cgQ'
 45 |           );
 46 |         });
 47 |       } else {
 48 |         // Is not local host. Just register service worker
 49 |         registerValidSW(swUrl);
 50 |       }
 51 |     });
 52 |   }
 53 | }
 54 | 
 55 | function registerValidSW(swUrl) {
 56 |   navigator.serviceWorker
 57 |     .register(swUrl)
 58 |     .then(registration => {
 59 |       registration.onupdatefound = () => {
 60 |         const installingWorker = registration.installing;
 61 |         installingWorker.onstatechange = () => {
 62 |           if (installingWorker.state === 'installed') {
 63 |             if (navigator.serviceWorker.controller) {
 64 |               // At this point, the old content will have been purged and
 65 |               // the fresh content will have been added to the cache.
 66 |               // It's the perfect time to display a "New content is
 67 |               // available; please refresh." message in your web app.
 68 |               console.log('New content is available; please refresh.');
 69 |             } else {
 70 |               // At this point, everything has been precached.
 71 |               // It's the perfect time to display a
 72 |               // "Content is cached for offline use." message.
 73 |               console.log('Content is cached for offline use.');
 74 |             }
 75 |           }
 76 |         };
 77 |       };
 78 |     })
 79 |     .catch(error => {
 80 |       console.error('Error during service worker registration:', error);
 81 |     });
 82 | }
 83 | 
 84 | function checkValidServiceWorker(swUrl) {
 85 |   // Check if the service worker can be found. If it can't reload the page.
 86 |   fetch(swUrl)
 87 |     .then(response => {
 88 |       // Ensure service worker exists, and that we really are getting a JS file.
 89 |       if (
 90 |         response.status === 404 ||
 91 |         response.headers.get('content-type').indexOf('javascript') === -1
 92 |       ) {
 93 |         // No service worker found. Probably a different app. Reload the page.
 94 |         navigator.serviceWorker.ready.then(registration => {
 95 |           registration.unregister().then(() => {
 96 |             window.location.reload();
 97 |           });
 98 |         });
 99 |       } else {
100 |         // Service worker found. Proceed as normal.
101 |         registerValidSW(swUrl);
102 |       }
103 |     })
104 |     .catch(() => {
105 |       console.log(
106 |         'No internet connection found. App is running in offline mode.'
107 |       );
108 |     });
109 | }
110 | 
111 | export function unregister() {
112 |   if ('serviceWorker' in navigator) {
113 |     navigator.serviceWorker.ready.then(registration => {
114 |       registration.unregister();
115 |     });
116 |   }
117 | }
118 | 


--------------------------------------------------------------------------------