
@sgmeyer
Created February 3, 2017 15:59
/**
* A quick demonstration of how to use the Auth0 Management API to retrieve a user's status
* by email address. This is not production ready; it only demonstrates how this
* can be achieved.
*
* This is provided under the MIT license: https://raw.githubusercontent.com/angular/angular.js/master/LICENSE
*
* Usage:
*
* const user = require('./userstatus');
*
* user.getStatus('email').then((status) => {}).catch((err) => {});
*/
const rp = require('request-promise');
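// Credentials and tenant for the Auth0 application used to call the Management API.
// The client secret is a long-lived credential: keep the real value out of source
// control and supply it at runtime instead of editing this file. The environment
// variable names below are this sample's own choice (constructed here, not an Auth0
// convention); the original placeholders remain the fallback so the module still
// loads when nothing is configured.
const clientId = process.env.AUTH0_CLIENT_ID || '{your-client-id}';
const clientSecret = process.env.AUTH0_CLIENT_SECRET || '{your-client-secret}';
const auth0Domain = process.env.AUTH0_DOMAIN || '{your-tenant}.auth0.com';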
/**
 * Requests a Management API access token from Auth0 using the client_credentials grant.
 *
 * The application identified by `clientId` must be authorized for the scopes the user
 * search needs. The original note names `read:user` and `read:user_idp_tokens`; the
 * Management API spells the first one `read:users`. Nothing in this file reads identity
 * provider tokens, so `read:user_idp_tokens` looks broader than this lookup requires —
 * NOTE(review): confirm and grant only what is needed.
 *
 * The request body carries the client secret and the response carries a bearer token,
 * so neither should be written to logs.
 *
 * @returns {Promise<Object>} the promise returned by request-promise for the token call
 *   (`json: true` is set, so the response body is expected to arrive parsed).
 */
const getToken = () => {
  const credentials = {
    client_id: clientId,
    client_secret: clientSecret,
    audience: `https://${auth0Domain}/api/v2/`,
    grant_type: 'client_credentials',
  };

  return rp({
    method: 'POST',
    url: `https://${auth0Domain}/oauth/token`,
    headers: { 'content-type': 'application/json' },
    body: credentials,
    json: true,
  });
};
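/**
 * Pulls the access_token out of the client_credentials response from Auth0. The token
 * is what authorizes the later Management API call, so treat it as a secret.
 *
 * The original called reject() and then fell through to resolve(data.access_token),
 * which only worked because a promise settles once and a throw inside the executor
 * after settling is ignored. The guard below returns explicitly instead.
 *
 * @param {Object} data - parsed body of the token response.
 * @returns {Promise<string>} resolves with the access token; rejects with a message
 *   string (kept as a string so existing callers see the same rejection value) when
 *   the response is missing or has no access_token.
 */
const extractToken = (data) => {
  if (!data || !data.access_token) {
    return Promise.reject('Oh no, we were not able to issue an accessToken');
  }
  return Promise.resolve(data.access_token);
};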
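/**
 * Calls the Management API to find users by email address.
 *
 * The email usually originates from a caller, so it is never placed into the URL raw:
 * backslashes and double quotes are escaped so the value stays inside the quoted
 * `email:"..."` phrase, and the whole `q` value is percent-encoded so characters such
 * as `&` or `#` cannot add or truncate query parameters. Ordinary addresses produce
 * the same search as before.
 *
 * NOTE(review): `search_engine=v2` is kept from the original; check the current Auth0
 * documentation for the engine version your tenant supports.
 *
 * @param {string} userEmail - email address to look up (coerced with String()).
 * @param {string} accessToken - Management API bearer token.
 * @returns {Promise<*>} the promise returned by request-promise for the search call.
 */
const findUser = (userEmail, accessToken) => {
  // Keep the value inside the quoted phrase of the search query.
  const phrase = String(userEmail).replace(/[\\"]/g, '\\$&');
  const query = encodeURIComponent(`email:"${phrase}"`);
  const managementUrl = `https://${auth0Domain}/api/v2/users?q=${query}&search_engine=v2`;

  return rp({
    method: 'GET',
    url: managementUrl,
    headers: { 'Authorization': `Bearer ${accessToken}` },
    json: true,
  });
};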
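/**
 * Reads the response from the user search and builds a status object. If you want to
 * change the shape of the status object, do it here. The fields returned by the
 * Management API are described at:
 * https://gist.github.com/sgmeyer/ea1919a491e269c7ee91d49c01c22b5d
 *
 * Only the first search result is reported. NOTE(review): an email search may match
 * more than one profile; if that can happen in your tenant, decide how a blocked
 * profile among several should be reported rather than relying on result order.
 *
 * The original rejected and then kept executing, relying on the ignored TypeError from
 * `userData[0]`; the guard below returns explicitly and also covers a response that is
 * not an array or whose first entry is empty.
 *
 * @param {Array<Object>} userData - parsed body of the user search response.
 * @returns {Promise<Object>} resolves with
 *   `{ email, email_verified, is_active, is_blocked }`; rejects with a message string
 *   when no user was returned.
 */
const extractUserStatus = (userData) => {
  const user = Array.isArray(userData) && userData.length > 0 ? userData[0] : null;
  if (!user) {
    return Promise.reject('Could not find any users with this criteria.');
  }

  return Promise.resolve({
    email: user.email,
    email_verified: user.email_verified,
    // `blocked` is copied as-is and may be undefined; is_active is always a boolean.
    is_active: !user.blocked,
    is_blocked: user.blocked,
  });
};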
/**
 * Retrieves a user's status by email address. The promise is rejected when the token
 * cannot be obtained or no user is found; otherwise it resolves with a status object:
 *
 * {
 *   email: 'user@example.com',          // sample value
 *   email_verified: true|false|undefined,
 *   is_active: true|false,              // computed as !blocked, so always a boolean
 *   is_blocked: true|false|undefined
 * }
 *
 * Every call requests a fresh Management API token; a production version would
 * normally reuse the token until it expires. The result also reveals whether an
 * address is registered and whether it is blocked, so keep this behind an
 * authenticated, authorized caller.
 *
 * @param {string} userEmail - email address to look up.
 * @returns {Promise<Object>} the status object described above.
 */
module.exports.getStatus = function getStatus(userEmail) {
  // Step 1: obtain the access token needed for calling the API.
  const accessTokenPromise = getToken().then(extractToken);

  // Step 2: search for the user with that token and reduce the result to a status.
  return accessTokenPromise
    .then((accessToken) => findUser(userEmail, accessToken))
    .then(extractUserStatus);
};