Title
m

Miezan

10/14/2017, 1:21 AM
how bad of an idea is it to swap the RS256 token received from auth0 for a custom hs256 token to be used in authentication and authorization? ( I’ve tried many example of validating RS256 token using functions to no avail)
a

agartha

10/14/2017, 2:49 AM
I am using an Auth0 rule to do so, so I don't need anything on the Graphcool side: https://github.com/graphcool/templates/pull/77
m

Miezan

10/14/2017, 2:19 PM
I like this approach! would this still work if i’m using a SPA/React ? ( that option seems to turn off Token Endpoint Authentication Method - Post)
a

agartha

10/14/2017, 2:21 PM
I wouldn't know why not. Where is it turned off?
m

Miezan

10/14/2017, 3:16 PM
in Auth0 - Token Endpoint Authentication Method is set to None and grayed out
does auth0 Rule editor supports es6? I see a bunch errors when pasting the auth0-rule.js
a

agartha

10/14/2017, 4:19 PM
Yes, the errors are safe to ignore. The runtime is better than the editor 🙂
m

Miezan

10/14/2017, 4:21 PM
trying the rule in the editor returns ERROR: Cannot read property ‘GRAPHCOOL_PAT1’ of undefined - ( i did had all the clientMetadata correctly)
a

agartha

10/14/2017, 4:22 PM
Yes, clientMetadata is not available in the editor, because it is specific to the client you are using
It's not part of the test context
Just try the Auth0 authentication from an actual client, and paste the returned token on jwt.io. You will see that it contains an additional claim with the Graphcool token.
m

Miezan

10/14/2017, 4:54 PM
the client is returning - Cannot read property ‘User’ of undefined
a

agartha

10/14/2017, 4:56 PM
It seems it's not picking up on the clientMetadata then. Can you share exactly where you added the meta keys?
m

Miezan

10/14/2017, 4:58 PM
Auth0 > Advanced Settings > Application Metadata
a

agartha

10/14/2017, 5:31 PM
And you're sure that's the app you're using?
m

Miezan

10/14/2017, 6:00 PM
everything seems to be correctly set on the auth0 side, do i need to add the domain/ client/secret key in the graphcool project setting?
a

agartha

10/14/2017, 6:02 PM
No, you need to have the built-in Auth0 integration disabled for this
Did you add the three parts of the PAT without the dots?
m

Miezan

10/14/2017, 6:05 PM
yes i have the PAT without the dots
the auth0 integration might be enable in a project let me check that
👍🏻 1
ok i ll clone ur repo and go from scratch with my graphcool instance and see if i can get that working first
a

agartha

10/14/2017, 6:14 PM
Ok. I've heard from previous users of my example that it worked for them. So unless Auth0 changed something again, it should work.
👍 1
a

agartha

10/14/2017, 6:20 PM
You can only clone the entire functions repo, not just that folder.
By the way, did you apply the schema change to your project?
From the .graphql file. Because the error you are getting on User seems to indicate that the query fails. So I suspect the auth0UserId field to be either missing, or not marked as unique
m

Miezan

10/14/2017, 6:25 PM
i see the PR but i can’t seem to find a way to navigate to the PR files after cloning the templates folder
im sure i had done it but i wil reapply that schema from the playground
ha found the repo - it was in a branch 😆
alright i give up for today, will get back to it later tonight, thanks for your help
nuked everything and restarted … IT WORKS!! Thank you very much !
🎉 1
a

agartha

10/14/2017, 11:33 PM
Great to hear! Sometimes it's nearly impossible to backtrack, and restarting over is the only option. I'm glad it works now
👍 1
1