Auth0 and Gitpod

I’ve created a small example that shows/explains how to use Auth0 with Gitpod.

I hope this is useful. Feedback is welcome.

3 Likes

This doesn’t work because in the space of a few weeks my workspace url has changed from https://xxxx.ws-eu08.gitpod.io to https://xxxx.ws-eu09.gitpod.io.

Yes, we have recently introduced running multiple cluster deployments (for e.g. A/B deployments) which has this unfortunate side-effect. We are at the same time working on a local companion app for which we’ll announce a preview version, that tunnels all ports to your local machine’s localhost address. I think with that Auth0 should just work through the whitelisted localhost approach they have for local development.

Hi,
I have the same issue and the local companion app is not solving this issue in a hassle-free way.
I know the root cause is that auth0 is stupid and doesn’t allow real wildcards there even any subdomain if a subdomain is allowed as a callback,…

Please

  1. can you first make all possible clusters DNS names public on your webpage and also update this list because for a workaround we could just add all these cluster names as possible callback URLs, not great but better than nothing.
  2. Update your GitHub auth0 example and explain that this is at the moment not working otherwise it confuses the users.
  3. think about a solution there you only have one subdomain below gitpod.io. You could for example combine the workspace just with another dash with the cluster name,…

thx Konrad

Hi Konrad,

Can you help us and share what are the hassles regarding solving this with local companion app? We might be able to remove those hassles. I really think using localhost is the best way, because that is the assumption of all such tools out there, so we wouldn’t need to have individual solutions (such as with the auth0 example). Did you try with the Local VS Code command (press F1 and search for “Open in VS Code”)? It will do the port tunneling as well.

Having dependencies on the domain names is a path we would like to avoid, because it limits the freedom of how we can deploy A/B or also introduce new regions going forward. The list might become rather long I’m afraid. Also we don’t want to move those bits out of the URL, because many webapps assume absolute pathes, so forcing everyone to manage and ignore a slug in the URL breaks other user experiences.

I have updated the Auth0 example : https://github.com/gitpod-io/auth0-express-webapp-sample

2 Likes

Hi,

after I did a chmod I got it working. It is is general working. But for me at the moment not a solution for QAs / PMs.
They need:

  1. installer
  2. app as Icon in Tray (Windows), Menu (Mac)
  3. nice messages what is connected,…
    I think then this could be a full solution.

bye

@svenefftinge can you please give me some feedback on my described needs.

On top, I can add an issue that I had for one of my users, and there a better error message is needed.
If the user started the app the issue was only visible for 1 sec. and then automatically closed. If an error occurs it should highlight that in a better and better-explained way. So that the user understands what to do. The other topic is. I don’t understand why this app needs port 63100 to run it could just search for another free port.

So that the user understands what to do. The other topic is. I don’t understand why this app needs port 63100 to run it could just search for another free port.

VS Code Web need to know to which port to connect, any random won’t work. We could use a range though.