docs: add m2m example using OAuth2 #958

Merged (9 commits), Nov 20, 2024
docs: update the m2m example to have an optional UI
porcellus committed Nov 14, 2024
commit 76ce40622a7fce4522a2095d523da81c50c58a64
46 changes: 40 additions & 6 deletions examples/express/with-m2m/README.md
Expand Up @@ -37,14 +37,40 @@ OR
./assistant --help
```

## Project structure (notable files/folders)
## Project structure

### Allowed call flows

```
┌──────────────────────┐
│ │
┌──────────────────────────► Calendar Service │
│ │ │
│ └──────────┬───────────┘
┌───┴─────┐ │
│ │ │
│ CLI │ │
│ │ xxxxx
└───┬─────┘ │
│ │
│ │
│ ┌──────────▼───────────┐
│ │ │
└──────────────────────────► Note Service │
│ │
└──────────────────────┘
```

### Notable files

```
├── assistant-client
├── eventFunctions.mjs The functions to interact with the calendar-service
├── noteFunctions.mjs The functions to interact with the note-service
├── getAccessToken.mjs The function to get the access token from the auth-service
├── index.mjs The main function to run the assistant
├── assistant-cli
├── src/eventFunctions.ts The functions to interact with the calendar-service
├── src/noteFunctions.ts The functions to interact with the note-service
├── src/getAccessToken.ts The function to get the access token from the auth-service
├── src/cli.tsx The main function to run the assistant
├── src/ui/* The UI components for the assistant-cli


├── auth-provider-service
├── config.ts The configuration for SuperTokens
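Review bot: In the "Allowed call flows" diagram, the edge between Calendar Service and Note Service carries an `xxxxx` marker with no legend, so a reader cannot tell whether that call is permitted or blocked, which matters under a heading that says "Allowed". Suggest adding a one-line legend under the diagram that states what `xxxxx` means and which direction that edge runs.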
Expand All @@ -58,6 +84,14 @@ OR
├── index.ts Sets up the APIs for note-service (w/ token validation and a simple in-memory DB)
```

## How it works

In the example, we use the client credentials flow to obtain a token from the auth-provider-service and use it to call the APIs exposed by the calendar-service and note-service.

It's important to note that we have to use the right audience for the API we are trying to call. In this example, the calendar-service is expecting the audience to be `calendar-service` and the note-service is expecting the audience to be `note-service`. If we didn't validate the audience and one of the services was compromised, a malicious actor could use the tokens the compromised service receives to call the APIs exposed by the other services and impersonate the assistant-cli.

Setting minimal scopes and scope validation is similarly important, for example as a way to limit what a leaked/stolen token can be used for.

## Author

Created with :heart: by the folks at supertokens.com.
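Review bot: The "How it works" section names the audience each service expects (`calendar-service`, `note-service`), but the scope paragraph names no scopes, so the reader cannot tell which scopes the CLI requests or what each service checks. Suggest listing the scopes used in the example and pointing to the file where each service validates audience and scope (the tree describes the note-service `index.ts` as doing token validation). The audience paragraph could also say where the client picks the audience, presumably `src/getAccessToken.ts`.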
3 changes: 2 additions & 1 deletion examples/express/with-m2m/assistant
@@ -1,3 +1,4 @@
#!/bin/bash

node ./index.mjs $@
cd assistant-cli
npm run cli -- $@
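Review bot: In the `assistant` wrapper, `npm run cli -- $@` passes the arguments unquoted, so an argument containing spaces or glob characters is split or expanded by the shell before it reaches the CLI; use `"$@"`. The `cd assistant-cli` line is also relative to the caller's working directory and its result is not checked, so invoking the script from another directory runs `npm run cli` wherever the caller happens to be. Resolve the path from the script location and stop on failure, for example `cd "$(dirname "$0")/assistant-cli" || exit 1`.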
12 changes: 12 additions & 0 deletions examples/express/with-m2m/assistant-cli/.editorconfig
@@ -0,0 +1,12 @@
root = true

[*]
indent_style = tab
end_of_line = lf
charset = utf-8
trim_trailing_whitespace = true
insert_final_newline = true

[*.yml]
indent_style = space
indent_size = 2
1 change: 1 addition & 0 deletions examples/express/with-m2m/assistant-cli/.gitattributes
@@ -0,0 +1 @@
* text=auto eol=lf
2 changes: 2 additions & 0 deletions examples/express/with-m2m/assistant-cli/.gitignore
@@ -0,0 +1,2 @@
node_modules
dist
1 change: 1 addition & 0 deletions examples/express/with-m2m/assistant-cli/.prettierignore
@@ -0,0 +1 @@
dist