Skip to content

Add programmatic configuration API#43

Merged
nicknisi merged 16 commits intomainfrom
nicknisi/config-object
Mar 9, 2025
Merged

Add programmatic configuration API#43
nicknisi merged 16 commits intomainfrom
nicknisi/config-object

Conversation

@nicknisi
Copy link
Copy Markdown
Member

@nicknisi nicknisi commented Mar 6, 2025
edited
Loading

Problem

Currently, users must provide secrets and configuration values through environment variables (process.env). This has several limitations:

  • Security concerns with secrets in environment variables
  • Doesn't work well across different JavaScript runtimes (Deno, Cloudflare Workers, etc.)
  • No convenient way to integrate with secret management systems

Solution

This PR adds a new configure() function that enables programmatic configuration with multiple flexible patterns:

// in entry.server.tsx

// Direct values approach
configure({
  clientId: 'client_...',
  apiKey: 'sk_test_...',
  redirectUri: 'http://localhost:3000/callback',
  cookiePassword: 'secure-password...',
});

// Function-based for different environments (may not yet be fully supported)
configure(key => Deno.env.get(key));

// Hybrid approach
configure({ redirectUri: 'https://example.com/callback' }, mySecretSource);

Implementation Details

  • Added lazy initialization to prevent eager loading of credentials
  • Environment variables still take precedence (maintains backward compatibility)
  • Centralized default values for optional settings
  • Added TypeScript overloads for improved developer experience
  • Documentation in README updated to explain the new configuration options

Benefits

  • Improved security - credentials don't need to be exposed in environment variables
  • Cross-platform support - works in any JavaScript runtime
  • Better developer experience - flexible API with strong typing
  • Secret management integration - values can be loaded from vault services

Testing

  • Added unit tests for all configuration patterns
  • Verified backward compatibility with environment variables

Additional Changes

  • Lazily instantiates workos instance (parity with authkit-nextjs)
  • exposes getWorkOS() function to user to get access to WorkOS instance (parity with authkit-nextjs)

Breaking Changes

None. This is a non-breaking enhancement that maintains compatibility with existing code.

Fixes #38

@nicknisi nicknisi marked this pull request as ready for review March 6, 2025 14:44
@nicknisi nicknisi requested review from chantastic and mthadley March 6, 2025 14:44
@nicknisi nicknisi force-pushed the nicknisi/config-object branch from 87e970f to 07056f4 Compare March 6, 2025 20:26
dandorman
dandorman approved these changes Mar 8, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@dandorman dandorman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems good to me. (I had a few comments, but nothing that should block this, imo.)

I think it would be great if something like this existed in the Node WorkOS client itself, but ... the perfect is the enemy of the good, and this is an excellent starting place that will improve devex for our Remix users.

@nicknisi nicknisi merged commit eee9259 into main Mar 9, 2025
4 checks passed
@nicknisi nicknisi deleted the nicknisi/config-object branch March 9, 2025 21:51
@nicknisi nicknisi mentioned this pull request Mar 10, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dandorman dandorman dandorman approved these changes

@chantastic chantastic Awaiting requested review from chantastic

@mthadley mthadley Awaiting requested review from mthadley

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Security: Allow alternative methods of setting sensitive values

2 participants

@nicknisi @dandorman