Title
m
Miezan
10/14/2017, 1:21 AMhow bad of an idea is it to swap the RS256 token received from auth0 for a custom hs256 token to be used in authentication and authorization? ( I’ve tried many example of validating RS256 token using functions to no avail)
a
agartha
10/14/2017, 2:49 AMI am using an Auth0 rule to do so, so I don't need anything on the Graphcool side: https://github.com/graphcool/templates/pull/77
m
Miezan
10/14/2017, 2:19 PMI like this approach! would this still work if i’m using a SPA/React ? ( that option seems to turn off Token Endpoint Authentication Method - Post)
a
agartha
10/14/2017, 2:21 PMI wouldn't know why not. Where is it turned off?
m
Miezan
10/14/2017, 3:16 PMin Auth0 - Token Endpoint Authentication Method is set to None and grayed out
does auth0 Rule editor supports es6? I see a bunch errors when pasting the auth0-rule.js
a
agartha
10/14/2017, 4:19 PMYes, the errors are safe to ignore. The runtime is better than the editor 🙂
m
Miezan
10/14/2017, 4:21 PMtrying the rule in the editor returns ERROR: Cannot read property ‘GRAPHCOOL_PAT1’ of undefined - ( i did had all the clientMetadata correctly)
a
agartha
10/14/2017, 4:22 PMYes, clientMetadata is not available in the editor, because it is specific to the client you are using
It's not part of the test context
Just try the Auth0 authentication from an actual client, and paste the returned token on jwt.io. You will see that it contains an additional claim with the Graphcool token.
m
Miezan
10/14/2017, 4:54 PMthe client is returning - Cannot read property ‘User’ of undefined
a
agartha
10/14/2017, 4:56 PMIt seems it's not picking up on the clientMetadata then. Can you share exactly where you added the meta keys?
m
Miezan
10/14/2017, 4:58 PMAuth0 > Advanced Settings > Application Metadata
a
agartha
10/14/2017, 5:31 PMAnd you're sure that's the app you're using?
m
Miezan
10/14/2017, 6:00 PMeverything seems to be correctly set on the auth0 side, do i need to add the domain/ client/secret key in the graphcool project setting?
a
agartha
10/14/2017, 6:02 PMNo, you need to have the built-in Auth0 integration disabled for this
Did you add the three parts of the PAT without the dots?
m
Miezan
10/14/2017, 6:05 PMyes i have the PAT without the dots
the auth0 integration might be enable in a project let me check that
👍🏻 1
ok i ll clone ur repo and go from scratch with my graphcool instance and see if i can get that working first
a
agartha
10/14/2017, 6:14 PMOk. I've heard from previous users of my example that it worked for them. So unless Auth0 changed something again, it should work.
👍 1
m
Miezan
10/14/2017, 6:17 PMa
agartha
10/14/2017, 6:20 PMYou can only clone the entire functions repo, not just that folder.
By the way, did you apply the schema change to your project?
From the .graphql file. Because the error you are getting on User seems to indicate that the query fails. So I suspect the auth0UserId field to be either missing, or not marked as unique
m
Miezan
10/14/2017, 6:25 PMi see the PR but i can’t seem to find a way to navigate to the PR files after cloning the templates folder
im sure i had done it but i wil reapply that schema from the playground
ha found the repo - it was in a branch 😆
alright i give up for today, will get back to it later tonight, thanks for your help
nuked everything and restarted … IT WORKS!! Thank you very much !
🎉 1
a
agartha
10/14/2017, 11:33 PMGreat to hear! Sometimes it's nearly impossible to backtrack, and restarting over is the only option. I'm glad it works now
👍 1
✅ 1