Remix Auth is a flexible authentication framework for Remix applications that allows developers to implement various strategies for user authentication.
The Asgardeo strategy is a custom implementation of the OAuth2Strategy designed specifically for integrating with Asgardeo, an identity-as-a-service (IDaaS) platform. This strategy enables developers to authenticate users against an Asgardeo organization using OpenID Connect (OIDC).
| Runtime | Has Support |
|---|---|
| Node.js | ✅ |
| Cloudflare | ✅ |
Head over to Asgardeo and sign up for an organization.
Follow the steps on the Asgardeo documentation to create an application and get the client ID, and client secret.
// app/utils/asgardeo.server.ts
import { Authenticator } from "remix-auth";
import { AsgardeoStrategy } from "remix-auth-asgardeo";
// Create an instance of the authenticator, pass a generic with what your
// strategies will return and will be stored in the session
export const authenticator = new Authenticator<User>(sessionStorage);
let asgardeoStrategy = new AsgardeoStrategy(
{
authorizedRedirectUrl: "http://localhost:5173/auth/asgardeo/callback",
clientID: "YOUR_ASGARDEO_CLIENT_ID",
clientSecret: "YOUR_ASGARDEO_CLIENT_SECRET",
baseUrl: "https://api.asgardeo.io/t/<YOUR_ASGARDEO_ORG_NAME>",
},
async ({ accessToken, refreshToken, extraParams, profile }) => {
// Get the user data from your DB or API using the tokens and profile
return User.findOrCreate({ email: profile.emails[0].value });
}
);
authenticator.use(asgardeoStrategy);// app/routes/login.tsx
export default function Login() {
return (
<Form action="/auth/asgardeo" method="post">
<button>Login with Asgardeo</button>
</Form>
);
}// app/routes/auth.asgardeo.tsx
import type { ActionFunctionArgs } from "@remix-run/node";
import { authenticator } from "~/utils/asgardeo.server";
export let loader = () => redirect("/login");
export let action = ({ request }: ActionFunctionArgs) => {
return authenticator.authenticate("asgardeo", request);
};// app/routes/auth.asgardeo.callback.tsx
import type { LoaderFunctionArgs } from "@remix-run/node";
import { authenticator } from "~/utils/asgardeo.server";
export let loader = ({ request }: LoaderFunctionArgs) => {
return authenticator.authenticate("asgardeo", request, {
successRedirect: "/dashboard",
failureRedirect: "/login",
});
};// app/routes/auth.logout.ts
import type { ActionFunctionArgs } from "@remix-run/node";
import { redirect } from "@remix-run/node";
import { destroySession, getSession } from "~/utils/asgardeo.server";
export const action = async ({ request }: ActionFunctionArgs) => {
const session = await getSession(request.headers.get("Cookie"));
const logoutURL = new URL(process.env.ASGARDEO_LOGOUT_URL); // i.e https://api.asgardeo.io/t/pavinduorg/oidc/logout
logoutURL.searchParams.set("client_id", process.env.ASGARDEO_CLIENT_ID);
logoutURL.searchParams.set("returnTo", process.env.ASGARDEO_RETURN_TO_URL);
return redirect(logoutURL.toString(), {
headers: {
"Set-Cookie": await destroySession(session),
},
});
};Please read Contributing Guide for details on how to contribute to Remix Auth Asgardeo. Refer to General Contribution Guidelines for details on our code of conduct, and the process for submitting pull requests to us.
We encourage you to report issues, improvements, and feature requests creating Github Issues.
Important: Please be advised that security issues MUST be reported to security@wso2com, not as GitHub issues, in order to reach the proper audience. We strongly advise following the WSO2 Security Vulnerability Reporting Guidelines when reporting the security issues.
This project is licensed under the Apache License 2.0. See the LICENSE file for details.