auth0-training / labs-node-working-with-apis Goto Github PK

Description

When I click the hyperlink at the second point, I do not receive any feedback. I expect Auth0 extension (if any) opens and view my tenant configuration.

Reproduction

Go to step 2 of 2 of the code tour. Click the hyperlink at the first point, then the one at the second point.

Environment

Please provide the following:

• Version of this library used: 1.1.1
• Version of the platform or framework used, if applicable:
• Other relevant versions (language, server software, OS, browser):
• Other modules/plugins/libraries that might be involved:

Hi Team,

As I was going through the lab under this repo and after going through the labs under this repo I couldn't help but notice a difference when it comes to handling the response_type field within the authorizationParams object that's passed as an argument to the auth middleware.

In the lab under this repo, a value of "code" is assigned to it:

In the labs under this repo, a value of "code id_token" is assigned to it:

While the value assigned to the response_type field differs from one lab to the other, both of them deal with a regular Web App that requires the Authorization Code Workflow and both of them work. My questions:

Is there any side effect to using "code" over "code id_token" or vice versa?
Which one is recommended as best practice?

Hi Team,

At Step #5 of 7 (2: Configure the Web Application to Pull Expenses from the API) the instruction is to:

Modify the Expenses Route

Now we'll modify the "/expenses" route in a similar way. Compare the block below to what's currently in the code. As before, we're adding error handling, and defining the path to the relevant data in our Expenses API.

app.get("/expenses", requiresAuth(), async (req, res, next) => {
    try {
        const expenses = await axios.get(`${API_URL}/reports`);
        res.render("expenses", {
           user: req.oidc && req.oidc.user,
           expenses: expenses.data,
        });
    } catch (err) {
        next(err);
    }
});

↪ Insert Code , then continue to the next step.

However, this ends up replacing the user endpoint handler instead as it is highlighted by default:

Please Note, I didn't highlight the /user endpoint handler in the above screenshot, it was highlight by default.

After clicking on insert code, the /user endpoint handler is replaced by the new /expenses Get handler and we end up with 2 handlers for the same GET route, like so:

I even deleted the codespace lab and restarted it again and this time, I highlighted the /expenses endpoint to be replaced. However, the issue still persisted by replacing the user endpoint instead.