Daniel
Daniel
Explore posts from servers
CC#KKinde
PostsComments
KKinde
Created by Daniel on 4/3/2025 in #💻┃support
Support for Vue?
After been digging around in the js-utils libary I fully understand that what i am looking for does not exist but can't get my head around whats the proper way to integrate it correctly
12 replies
KKinde
Created by Daniel on 4/3/2025 in #💻┃support
Support for Vue?
I have been playing around trying to figure out how to create a /utils/kinde.js: // src/utils/kinde.js import createKindeClient from '@kinde/js-utils'; export const kindeClient = createKindeClient({ clientId: 'id_from_dashboard', domain: 'https://mydomain.kinde.com', redirectUri: 'http://localhost:5173/kinde-callback', logoutRedirectUri: 'http://localhost:5173', audience: 'https://api.mydomain.com/api' // optional, for securing API calls });
12 replies
KKinde
Created by Daniel on 4/3/2025 in #💻┃support
Support for Vue?
I was aiming for something like this in my router to protect my routes in Vue 3 using a meta on specific routes: router.beforeEach(async (to, from, next) => { if (to.meta.requiresAuth) { const isAuthenticated = await kindeClient.isAuthenticated(); if (!isAuthenticated) { return kindeClient.login(); // redirect to Kinde login } } next(); // allow navigation });
12 replies
KKinde
Created by Daniel on 4/3/2025 in #💻┃support
Support for Vue?
Thanks a lot. Been putting this day going through this but I am totally stuck. I can't find the js-util way of getting a createKindeClient-object holding clientId, domain etc. :/ I must be missing some documentation but I have been searching and also asked my AI-fiend to do a deep search with no luck.
12 replies
KKinde
Created by Daniel on 4/3/2025 in #💻┃support
Support for Vue?
js-utils for the Vue setup and Express SDK for the Express API?
12 replies
KKinde
Created by Daniel on 4/3/2025 in #💻┃support
Support for Vue?
Thank you 🙂 so you recommend me to check js-utils and not the vanilla using PKCE at all?
12 replies
KKinde
Created by Daniel on 4/3/2025 in #💻┃support
Support for Vue?
Thank you. I will check it out. Is it easy to validate requests from frontend in a express backend using the Javascript SDK?
12 replies
KKinde
Created by Daniel on 2/21/2025 in #💻┃support
Error verifying JWTs signed by Kinde from Next.js to Express API
I maybe came a bit longer now. I pass my access token from my client to my express backend API and there I use a third party library (jwks-rsa) to verify the token by using my kinde jwksUris. I now have come so far it invalidates the token due to missing audience. I have set up my API in Kinde and gave it an audience but the token is not containing this audience from client to backend. aud is []. I have authorized the api against the application in Kinde portal. If I would go to the API in Kinde and generate a token it actually contains aud but the token I get when authenticating in client is empty. Any guidance on this? Thanks.
3 replies
KKinde
Created by Daniel on 2/13/2025 in #💻┃support
Protect Next.js API Routes?
Hi @Ages and thank you so much for this. I will read through the links. Why I did not use withAuth for API routes was jsut because I could not get it to work for API calls from other clients. I maybe missed somehting.
7 replies
KKinde
Created by Daniel on 2/13/2025 in #💻┃support
Protect Next.js API Routes?
which indicates that the validation of jwt is not succeeding: 
  try {
    // Verify the JWT token
    const decoded = jwt.verify(token, SECRET_KEY);
    console.log(decoded);
    // Attach decoded user data to the request
    (request as any).user = decoded;
    return null; // No need to return anything if token is valid
  } catch (error) {
    return NextResponse.json({ message: "Unauthorized: Invalid token" }, { status: 401 });
  }
  try {
    // Verify the JWT token
    const decoded = jwt.verify(token, SECRET_KEY);
    console.log(decoded);
    // Attach decoded user data to the request
    (request as any).user = decoded;
    return null; // No need to return anything if token is valid
  } catch (error) {
    return NextResponse.json({ message: "Unauthorized: Invalid token" }, { status: 401 });
  }
7 replies
KKinde
Created by Daniel on 2/13/2025 in #💻┃support
Protect Next.js API Routes?
I can see my bearer token in the log but I always get this in postman: { "message": "Unauthorized: Invalid token" }
7 replies
KKinde
Created by Daniel on 2/13/2025 in #💻┃support
Protect Next.js API Routes?
If it helps anyone to help me this is how my middleware look like now (where I have tried solving this challenge): 
import { withAuth } from "@kinde-oss/kinde-auth-nextjs/middleware";
import { NextRequest, NextResponse } from "next/server";
import jwt from "jsonwebtoken"; // For JWT validation

const SECRET_KEY = process.env.KINDE_CLIENT_SECRET || "KINDE_CLIENT_SECRET"; // Your secret key

// JWT Validation for API routes
async function validateJwtToken(request: NextRequest) {
  const authHeader = request.headers.get("Authorization");

  console.log(authHeader);

  if (!authHeader || !authHeader.startsWith("Bearer ")) {
    console.log(authHeader)
    return NextResponse.json({ message: "Unauthorized: Missing or invalid token" }, { status: 401 });
  }

  const token = authHeader.split(" ")[1];

  try {
    // Verify the JWT token
    const decoded = jwt.verify(token, SECRET_KEY);
    console.log(decoded);
    // Attach decoded user data to the request
    (request as any).user = decoded;
    return null; // No need to return anything if token is valid
  } catch (error) {
    return NextResponse.json({ message: "Unauthorized: Invalid token" }, { status: 401 });
  }
}

export default async function middleware(req: NextRequest) {
  // Apply Kinde Auth to non-API routes
  if (!req.nextUrl.pathname.startsWith("/api/v1")) {
    return withAuth(req); // Continue with Kinde's authentication for non-API routes
  }

  // Apply JWT validation for API routes
  const jwtResponse = await validateJwtToken(req);
  if (jwtResponse) {
    return jwtResponse; // If the token is invalid, respond with Unauthorized
  }

  // If both checks pass, allow the API request to proceed
  return NextResponse.next();
}

export const config = {
  matcher: [
    // This will match all paths, allowing both non-API and API routes to be handled
    "/((?!_next/static|_next/image|favicon.ico|sitemap.xml|robots.txt).*)",
  ],
};
import { withAuth } from "@kinde-oss/kinde-auth-nextjs/middleware";
import { NextRequest, NextResponse } from "next/server";
import jwt from "jsonwebtoken"; // For JWT validation

const SECRET_KEY = process.env.KINDE_CLIENT_SECRET || "KINDE_CLIENT_SECRET"; // Your secret key

// JWT Validation for API routes
async function validateJwtToken(request: NextRequest) {
  const authHeader = request.headers.get("Authorization");

  console.log(authHeader);

  if (!authHeader || !authHeader.startsWith("Bearer ")) {
    console.log(authHeader)
    return NextResponse.json({ message: "Unauthorized: Missing or invalid token" }, { status: 401 });
  }

  const token = authHeader.split(" ")[1];

  try {
    // Verify the JWT token
    const decoded = jwt.verify(token, SECRET_KEY);
    console.log(decoded);
    // Attach decoded user data to the request
    (request as any).user = decoded;
    return null; // No need to return anything if token is valid
  } catch (error) {
    return NextResponse.json({ message: "Unauthorized: Invalid token" }, { status: 401 });
  }
}

export default async function middleware(req: NextRequest) {
  // Apply Kinde Auth to non-API routes
  if (!req.nextUrl.pathname.startsWith("/api/v1")) {
    return withAuth(req); // Continue with Kinde's authentication for non-API routes
  }

  // Apply JWT validation for API routes
  const jwtResponse = await validateJwtToken(req);
  if (jwtResponse) {
    return jwtResponse; // If the token is invalid, respond with Unauthorized
  }

  // If both checks pass, allow the API request to proceed
  return NextResponse.next();
}

export const config = {
  matcher: [
    // This will match all paths, allowing both non-API and API routes to be handled
    "/((?!_next/static|_next/image|favicon.ico|sitemap.xml|robots.txt).*)",
  ],
};
7 replies
KKinde
Created by TJ on 4/25/2024 in #💻┃support
Protect Next.js route handlers with machine-to-machine application?
Did you get a solution to this?
12 replies
KKinde
Created by Daniel on 2/6/2025 in #💻┃support
Kinde & .NET Blazor Server?
Thanks, I will try setting it to true directly and try again
47 replies
KKinde
Created by Daniel on 2/6/2025 in #💻┃support
Kinde & .NET Blazor Server?
No description
47 replies
KKinde
Created by Daniel on 2/6/2025 in #💻┃support
Kinde & .NET Blazor Server?
10 claims are being set but not User.Identity.Name
47 replies
KKinde
Created by Daniel on 2/6/2025 in #💻┃support
Kinde & .NET Blazor Server?
Could it be that it's not being set correctly, I will check that out as well
47 replies
KKinde
Created by Daniel on 2/6/2025 in #💻┃support
Kinde & .NET Blazor Server?
In the settings file I have, yes: "MapInboundClaims": true,
47 replies
KKinde
Created by Daniel on 2/6/2025 in #💻┃support
Kinde & .NET Blazor Server?
builder.Services.AddAuthentication(options =>
{
    options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;

})
.AddCookie()
.AddOpenIdConnect(opt =>
{
    opt.SignedOutCallbackPath = new PathString("/signout-callback-oidc");
    opt.SignedOutRedirectUri = "/";
});
builder.Services.AddAuthentication(options =>
{
    options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;

})
.AddCookie()
.AddOpenIdConnect(opt =>
{
    opt.SignedOutCallbackPath = new PathString("/signout-callback-oidc");
    opt.SignedOutRedirectUri = "/";
});
47 replies
KKinde
Created by Daniel on 2/6/2025 in #💻┃support
Kinde & .NET Blazor Server?
Could it be that i have misinterpreted the docs? I thought that was managed "automatically" by .NET Add Authentication
47 replies