the auth0 authentication piece is working just fine it seems Prisma #prisma-whats-new

Join Slack

the auth0 authentication piece is working just fin...

# prisma-whats-new

dkh

06/21/2017, 10:39 AM

the auth0 authentication piece is working just fine it seems

wallslide

06/21/2017, 10:40 AM

@dkh what does your createUser mutation look like?

dkh

06/21/2017, 10:40 AM

Copy code

export default gql`
   mutation ($idToken: String!, $name: String!, $username: String!, $email: String!, $avatar: String!){
    createUser(
      authProvider: {auth0: {idToken: $idToken}}, 
      name: $name, 
      username: $username,
      email: $email, 
      avatar: $avatar
    ) {
        id
      }
  }
`

wallslide

06/21/2017, 10:42 AM

I do mine slightly differently, but it looks good

wallslide

06/21/2017, 10:42 AM

Copy code

mutation ($firstName: String!, $lastName: String!, $email: String!, $authProvider: AuthProviderSignupData!){
          createUser(firstName: $firstName, lastName: $lastName, email: $email, authProvider: $authProvider) {
            id,
          }

dkh

06/21/2017, 10:43 AM

Gotcha, yeah looks like you just have the autProvider piece defined in another variable

wallslide

06/21/2017, 10:44 AM

and you are pulling the idToken out of the data structure similar to this?

Copy code

lock.on('authenticated', (authResult) => {
        const {idToken, accessToken, idTokenPayload: {exp}} = authResult;

dkh

06/21/2017, 10:46 AM

const idToken = localStorage.getItem('id_token')

wallslide

06/21/2017, 10:47 AM

I mean, when you extract it initially

wallslide

06/21/2017, 10:47 AM

and save it to the local storage

dkh

06/21/2017, 10:48 AM

yup,

Copy code

handleAuthentication() {
    this.auth0.parseHash((err, authResult) => {
      if (authResult && authResult.accessToken && authResult.idToken) {
        this.setSession(authResult);
      } else if (err) {
        history.replace('/');
        console.log(err);
      }
    });
  }

dkh

06/21/2017, 10:48 AM

Copy code

setSession(authResult) {
    // Set the time that the access token will expire at
    let expiresAt = JSON.stringify((authResult.expiresIn * 1000) + new Date().getTime());
    localStorage.setItem('access_token', authResult.accessToken);
    localStorage.setItem('id_token', authResult.idToken);
    localStorage.setItem('expires_at', expiresAt);
    localStorage.setItem('authResult', authResult)
    // navigate to the home route
    history.replace('/authenticate');
  }

dkh

06/21/2017, 10:48 AM

I just followed the auth0 React quick start example and tweaked it a bit

wallslide

06/21/2017, 10:49 AM

is it possible that when you create your

new Auth0Lock(CLIENT_ID, AUTH0_DOMAIN, {});

that the clientId and domain don't match up with the secret that you set in the graphcool dashboard?

wallslide

06/21/2017, 10:51 AM

remember that if you change an environmental variable, you will likely have to stop/start the dev process/server to get those changes to take effect

dkh

06/21/2017, 10:51 AM

I'm actually using auth0.WebAuth

dkh

06/21/2017, 10:52 AM

and for now, I'm not using env vars, just hard coded the domain and clientid

wallslide

06/21/2017, 10:52 AM

ok, but they look correct?

dkh

06/21/2017, 10:53 AM

yup, doesn't hurt to replace them though and try again

dkh

06/21/2017, 10:57 AM

yeah, still seeing the same error. Bizarre that the id_token is in local storage but the mutation doesn't like it

wallslide

06/21/2017, 10:58 AM

I guess the next thing is to check in your browser's dev tools, in the network requests to be sure that the token is actually being sent. And you can try manually running the query in the graphcool dashboard's playground to narrow down the problem as well

dkh

06/21/2017, 10:59 AM

👍 will do, thanks a lot for your help!

wallslide

06/21/2017, 10:59 AM

good luck!

wallslide

06/21/2017, 10:59 AM

you can also test tokens here to see if the token and the secret match up

wallslide

06/21/2017, 10:59 AM

https://jwt.io/

nilan

06/21/2017, 11:48 AM

@dkh we currently only support H256 tokens

nilan

06/21/2017, 11:48 AM

is auth0.WebAuth

auth0-js

dkh

06/21/2017, 11:49 AM

yup

nilan

06/21/2017, 11:49 AM

that uses R256 tokens in version 8. You can use version 7 instead

dkh

06/21/2017, 11:49 AM

ahh, gotcha. I can just use auth-lock

nilan

06/21/2017, 11:50 AM

make sure to use H256 as encoding method in the Auth0 settings though

dkh

06/21/2017, 11:50 AM

ok cool, will do!

petr.vlcek

06/22/2017, 9:29 AM

@dkh I'm using

auth0-js@8.8.0

to implement custom login/signup and I've managed to succesfully implement it with manually parsing

id_token

information from URL hash (as

parseHash

in v8 cannot parse HS256 tokens yet, as mentioned in https://github.com/auth0/auth0.js/issues/303#issuecomment-273851977)

petr.vlcek

06/22/2017, 9:31 AM

I'm using

qs

lib for parsing and something like this:

Copy code

import qs from 'qs'

let hash = window.location.hash;
hash = hash.replace(/^#?\/?/, '')
const authResult = qs.parse(hash)

if (authResult.error) {
  dispatch(signupFailed(authResult))
} else {
  dispatch(signupSuccessful(authResult))
}

dkh

06/22/2017, 10:24 AM

Ahhhh, very nice @petr.vlcek. Thanks for the tip!

salute 1

petr.vlcek

06/22/2017, 11:07 AM

it's also worth noting that when you use

audience

option for new instance of

auth0.WebAuth

or when you turn on OIDC on your Auth0 client (in advanced settings), Auth0 automatically starts sending you RS256 idToken instead of HS256 token regardless of your client JWT signature algorighm settings

dkh

06/22/2017, 12:04 PM

@petr.vlcek interesting, so I should remove the audience setting as well?

petr.vlcek

06/22/2017, 12:06 PM

yes, after removing it, you start receiving idToken in HS256 format

petr.vlcek

06/22/2017, 12:06 PM

I've just tested it

dkh

06/22/2017, 12:08 PM

crazy, ok gotcha

petr.vlcek

06/22/2017, 12:11 PM

it's maybe because of compliance with some standards (which I don't understand deeply :))

dkh

06/22/2017, 12:12 PM

hahaha yeah, I’m right there with you man

Open in Slack

Previous Next