Skip to content

Commit 1089a04

Browse files
ksroda-saclaude
andcommitted
Add React login-pkce sample, extraction scripts, and CI
Scaffold the repo with a React Auth Code + PKCE sample app, snippet extraction/validation tooling, CI workflows, and updated README with contribution guidelines. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1 parent 4c4c2bb commit 1089a04

30 files changed

Lines changed: 5069 additions & 2 deletions

.github/CODEOWNERS

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
# All files require review from the CIAM team
2+
* @SecureAuthCorp/ciam-engineering

.github/dependabot.yml

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,28 @@
1+
version: 2
2+
updates:
3+
- package-ecosystem: "npm"
4+
directory: "/samples/react/login-pkce"
5+
schedule:
6+
interval: "weekly"
7+
open-pull-requests-limit: 5
8+
labels:
9+
- "dependencies"
10+
commit-message:
11+
prefix: "deps"
12+
13+
- package-ecosystem: "npm"
14+
directory: "/scripts"
15+
schedule:
16+
interval: "weekly"
17+
open-pull-requests-limit: 3
18+
labels:
19+
- "dependencies"
20+
commit-message:
21+
prefix: "deps"
22+
23+
- package-ecosystem: "github-actions"
24+
directory: "/"
25+
schedule:
26+
interval: "weekly"
27+
labels:
28+
- "dependencies"

.github/workflows/extract.yml

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
name: Extract Snippets
2+
3+
on:
4+
push:
5+
branches: [main]
6+
workflow_dispatch:
7+
8+
permissions:
9+
contents: write
10+
11+
jobs:
12+
extract:
13+
runs-on: ubuntu-latest
14+
steps:
15+
- uses: actions/checkout@v4
16+
17+
- uses: actions/setup-node@v4
18+
with:
19+
node-version: "22"
20+
21+
- name: Enable Corepack
22+
run: corepack enable
23+
24+
- name: Install dependencies
25+
run: yarn install --immutable
26+
27+
- name: Aggregate manifests
28+
working-directory: scripts
29+
run: yarn aggregate
30+
31+
- name: Extract snippets
32+
working-directory: scripts
33+
run: yarn extract
34+
35+
- name: Validate structure
36+
working-directory: scripts
37+
run: yarn validate
38+
39+
- name: Check for changes
40+
id: diff
41+
run: |
42+
git diff --quiet snippets.json snippet-manifest.yaml || echo "changed=true" >> "$GITHUB_OUTPUT"
43+
44+
- name: Commit updated artifacts
45+
if: steps.diff.outputs.changed == 'true'
46+
run: |
47+
git config user.name "github-actions[bot]"
48+
git config user.email "github-actions[bot]@users.noreply.github.com"
49+
git add snippets.json snippet-manifest.yaml
50+
git commit -m "chore: update extracted snippets and manifest"
51+
git push
52+
53+
# - name: Notify ciam-core of snippet changes
54+
# if: steps.diff.outputs.changed == 'true'
55+
# run: |
56+
# gh api repos/SecureAuthCorp/ciam-core/dispatches \
57+
# -f event_type=quickstart-snippets-updated \
58+
# -f 'client_payload[sha]=${{ github.sha }}'
59+
# env:
60+
# GH_TOKEN: ${{ secrets.CIAM_CORE_DISPATCH_TOKEN }}

.github/workflows/test-js.yml

Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,58 @@
1+
name: Test JS Frameworks
2+
3+
on:
4+
push:
5+
paths:
6+
- "samples/react/**"
7+
pull_request:
8+
paths:
9+
- "samples/react/**"
10+
schedule:
11+
- cron: "0 8 * * 1"
12+
workflow_dispatch:
13+
14+
permissions:
15+
contents: read
16+
17+
jobs:
18+
find-projects:
19+
runs-on: ubuntu-latest
20+
outputs:
21+
matrix: ${{ steps.find.outputs.matrix }}
22+
steps:
23+
- uses: actions/checkout@v4
24+
- id: find
25+
run: |
26+
DIRS=$(find samples -name "package.json" -not -path "*/node_modules/*" -exec dirname {} \; 2>/dev/null | sort | jq -R -s -c 'split("\n") | map(select(. != ""))')
27+
echo "matrix=$DIRS" >> "$GITHUB_OUTPUT"
28+
29+
test:
30+
needs: find-projects
31+
if: ${{ needs.find-projects.outputs.matrix != '[]' }}
32+
runs-on: ubuntu-latest
33+
strategy:
34+
fail-fast: false
35+
matrix:
36+
project: ${{ fromJson(needs.find-projects.outputs.matrix) }}
37+
steps:
38+
- uses: actions/checkout@v4
39+
- uses: actions/setup-node@v4
40+
with:
41+
node-version: "22"
42+
- name: Enable Corepack
43+
run: corepack enable
44+
- name: Install dependencies
45+
run: yarn install --immutable
46+
- name: Build
47+
working-directory: ${{ matrix.project }}
48+
run: yarn build
49+
- name: Test
50+
working-directory: ${{ matrix.project }}
51+
run: yarn test
52+
if: ${{ hashFiles(format('{0}/vitest.config.ts', matrix.project)) != '' }}
53+
- name: Check formatting
54+
working-directory: ${{ matrix.project }}
55+
run: |
56+
if grep -q '"format:check"' package.json; then
57+
yarn format:check
58+
fi

.yarn/releases/yarn-4.13.0.cjs

Lines changed: 940 additions & 0 deletions
Large diffs are not rendered by default.

.yarnrc.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
nodeLinker: node-modules
2+
3+
npmRegistryServer: "https://registry.npmjs.org"
4+
5+
yarnPath: .yarn/releases/yarn-4.13.0.cjs

README.md

Lines changed: 22 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,24 @@
1-
# ciam-quickstart-samples
1+
# CIAM Quickstart Samples
22

3+
Framework-specific sample apps demonstrating SecureAuth integration. Code is extracted from these samples and displayed in the SecureAuth admin dashboard's Quickstart tab.
34

4-
Repository for framework-specific integration sample apps
5+
## Structure
6+
7+
```
8+
samples/ # One folder per framework
9+
react/ # React sample apps
10+
login-pkce/ # Login with Auth Code + PKCE
11+
scripts/ # Extraction and validation tools
12+
```
13+
14+
## Adding a new sample
15+
16+
1. Create `samples/<framework>/<flow>/` with a minimal working app
17+
2. Add `@snippet:stepN:start/end` tags and `@description` comments in source files
18+
3. Add a `manifest.yaml` in `samples/<framework>/`
19+
4. Run `cd scripts && yarn all` to validate
20+
5. Open a PR — CI will test the app and validate extraction
21+
22+
## Contributing
23+
24+
This repo is maintained by the SecureAuth CIAM team. External contributions are welcome via pull request — all PRs require team review.

package.json

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
{
2+
"private": true,
3+
"packageManager": "yarn@4.13.0",
4+
"workspaces": [
5+
"samples/react/*",
6+
"scripts"
7+
]
8+
}

placeholder-map.yaml

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
# Maps env var patterns to placeholder tokens per language.
2+
# The extraction script uses these to replace real env var references
3+
# with generic {{PLACEHOLDER}} tokens in extracted snippets.
4+
5+
js:
6+
- pattern: "import.meta.env.VITE_ISSUER_URL"
7+
placeholder: "{{ISSUER_URL}}"
8+
- pattern: "import.meta.env.VITE_CLIENT_ID"
9+
placeholder: "{{CLIENT_ID}}"
10+
- pattern: "import.meta.env.VITE_REDIRECT_URI"
11+
placeholder: "{{REDIRECT_URI}}"
12+
- pattern: "import.meta.env.VITE_SCOPES"
13+
placeholder: "{{SCOPES}}"
14+
- pattern: "import.meta.env.VITE_POST_LOGOUT_URI"
15+
placeholder: "{{POST_LOGOUT_URI}}"
16+
- pattern: "process.env.REACT_APP_ISSUER_URL"
17+
placeholder: "{{ISSUER_URL}}"
18+
- pattern: "process.env.REACT_APP_CLIENT_ID"
19+
placeholder: "{{CLIENT_ID}}"
20+
- pattern: "process.env.REACT_APP_REDIRECT_URI"
21+
placeholder: "{{REDIRECT_URI}}"
22+
- pattern: "process.env.SA_ISSUER_URL"
23+
placeholder: "{{ISSUER_URL}}"
24+
- pattern: "process.env.SA_CLIENT_ID"
25+
placeholder: "{{CLIENT_ID}}"
26+
- pattern: "process.env.SA_CLIENT_SECRET"
27+
placeholder: "{{CLIENT_SECRET}}"
28+
- pattern: "process.env.SA_REDIRECT_URI"
29+
placeholder: "{{REDIRECT_URI}}"
Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
VITE_ISSUER_URL=https://your-tenant.us.secureauth.com/your-workspace
2+
VITE_CLIENT_ID=your-client-id
3+
VITE_REDIRECT_URI=http://localhost:3000/callback
4+
VITE_SCOPES=openid profile email

0 commit comments

Comments
 (0)