Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

api_identifier config is not passed to Auth0\SDK\Auth0 config as audience #213

Closed
iSerter opened this issue Apr 22, 2021 · 6 comments · Fixed by #214
Closed

api_identifier config is not passed to Auth0\SDK\Auth0 config as audience #213

iSerter opened this issue Apr 22, 2021 · 6 comments · Fixed by #214
Assignees
@evansims

Comments

@iSerter
Copy link
Contributor

iSerter commented Apr 22, 2021

Problem

Auth0 Laravel package uses the api_identifier config key, which is the default JWT audience.
See https://github.com/auth0/laravel-auth0/blob/master/src/Auth0/Login/Auth0Service.php#L204
However, Auth0 PHP SDK -which is a dependency of this package- is using the audience config key to create a login URL.
So setting api_identifier in the config, does not add the audience param to the login URL.

Expected behavior?

I'd expect the login URL to include the audience I set in the config file.

Reproduction

Fresh install of the package and following the official docs will cause it.

Solution

It's possible to pass the audience as an additional parameter, and it'll work. However, what's the point of the config then?
I think something like this would make things much easier;
iSerter@011190a

Environment

PHP 8
Laravel 8
auth0/login: 6.4
@evansims
Copy link
Member

Hey @iSerter! Good catch, thank you! Your solution looks reasonable, I'll be sure to update this in the next major to reflect the same naming as the upstream SDK. If you'd like, would you want to create a PR with that suggestion I can merge your fix? I can do it if you'd rather

@evansims evansims added the bug label Apr 23, 2021
@evansims evansims self-assigned this Apr 23, 2021
@iSerter iSerter mentioned this issue Apr 23, 2021
Merged
3 tasks
@iSerter
Copy link
Contributor Author

iSerter commented Apr 23, 2021

Hi @evansims,
Thank you for checking on the issue and responding. I have created a PR for the commit I had shared as an example in the issue description;

#214

@evansims
Copy link
Member

Thanks very much for catching this and creating a fix, @iSerter! Really appreciate it. I'll ship this as a new bugfix release this coming week.

@Tamrael
Copy link
Contributor

Tamrael commented Oct 27, 2021
edited
Loading

after pulling in 6.4.1 we run into "Service not found" with the a call like this

app('auth0')->login(null, null, ['scope' => 'openid profile email']);

resulting in the audience in the redirect being set to the client id of the app.
there is no way anymore to not set an audience for the login call to auth in 6.4.1 as far as I can tell.
"api_identifier" is mandatory because the jwt token decoding needs it. so the isset check is obsolete because the api_identifier will always be set.

maybe i'm doing something wrong?

reverting back to 6.4.0 fixes the issue but that's not a solution I want to keep forever

@evansims
Copy link
Member

Hey @Tamrael, would you mind creating a separate issue detailing the issue you're hitting? I'm not sure I'm following entirely, but if you can break it down a bit more in that separate ticket we can work through it together. Thanks.

@Tamrael
Copy link
Contributor

Tamrael commented Oct 29, 2021

@evansims absolutely. opened #233 and added some more description to the problem we encountered

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 25, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@evansims evansims

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Pass api_identifier config as audience to Auth0\SDK\Auth0 iSerter/laravel-auth0
3 participants
@evansims @iSerter @Tamrael