Anyone else get the following error when trying to login wit Prisma #prisma-whats-new

Anyone else get the following error when trying to...

cartogram

03/19/2017, 6:39 AM

Anyone else get the following error when trying to login with Auth0,

Copy code

GraphQL error: The provided idToken is invalid.

jimmy

03/19/2017, 6:41 AM

@cartogram in auth0.js code did you use res.id_token as the token or did you just put the whole thing and make sure you have scope

openid

cartogram

03/19/2017, 6:55 AM

Its a bit strange to me because the response when authenticated looks like this

Copy code

Object
accessToken
:
"MG0OR48Ob8VYjgAf"
expiresIn
:
86400
idToken
:
"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik1USXpOMEZCTUVNMU1qVTRNRFl3UkRkQk5FVXpNRU5GUTBVME5qVTNORVZFTWtJMFJqZzJOZyJ9.eyJuYW1lIjoibXNlY2NhZmllbkBnbWFpbC5jb20iLCJuaWNrbmFtZSI6Im1zZWNjYWZpZW4iLCJwaWN0dXJlIjoiaHR0cHM6Ly9zLmdyYXZhdGFyLmNvbS9hdmF0YXIvYzNlNTQ4MDYwMTJlNDM1NjIwNzNjZDVmNDZiNjNhZmI_cz00ODAmcj1wZyZkPWh0dHBzJTNBJTJGJTJGY2RuLmF1dGgwLmNvbSUyRmF2YXRhcnMlMkZtcy5wbmciLCJ1cGRhdGVkX2F0IjoiMjAxNy0wMy0xOVQwNjo1MjoxOC45OTlaIiwiZW1haWwiOiJtc2VjY2FmaWVuQGdtYWlsLmNvbSIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwiaXNzIjoiaHR0cHM6Ly9mb25kZm9saW8uYXV0aDAuY29tLyIsInN1YiI6ImF1dGgwfDU4N2VhNjRlNzI5MmQ0NjRjODYwNTNmMSIsImF1ZCI6IkM1UFM0R0RKWFNmcXRSVjNYOVVFNGM4VUZqQzV6Mk5CIiwiZXhwIjoxNDg5OTQyMzM5LCJpYXQiOjE0ODk5MDYzMzl9.Z-OJwETiLZ1I4HysSbgYCDs4jViUfdjysbgS15CUg_he2vUr9dqW0nEU2LOvgZxUxwJukv85fZCy3ITkfIoOmWzSIQeqxUO2Q3IIFWisLNjQqKhKbVOE3uH_8-fwQlb0i71OhcBIUMHyBHtR75IR_MFscBaUpRYOZqGdu3k74b90MyFMb9crZdJ3aSLusTQyNWlyKmk1WrhQERQeZN5z71jw7uJxI-701VwerjypXDk3IWVHn43xTG4JH27jM3WgHPI0QqbHnz9Ye-fSarQLXa05fLqKVqYNJHLPoq0fqgE4_JuLRsTa77sTMdjmqVe7yyVW49iLa3dxROt5Xcmt8w"
scope
:
"openid profile email address phone"
tokenType
:
"Bearer"```Object
accessToken
:
"MG0OR48Ob8VYjgAf"
expiresIn
:
86400
idToken
:
"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik1USXpOMEZCTUVNMU1qVTRNRFl3UkRkQk5FVXpNRU5GUTBVME5qVTNORVZFTWtJMFJqZzJOZyJ9.eyJuYW1lIjoibXNlY2NhZmllbkBnbWFpbC5jb20iLCJuaWNrbmFtZSI6Im1zZWNjYWZpZW4iLCJwaWN0dXJlIjoiaHR0cHM6Ly9zLmdyYXZhdGFyLmNvbS9hdmF0YXIvYzNlNTQ4MDYwMTJlNDM1NjIwNzNjZDVmNDZiNjNhZmI_cz00ODAmcj1wZyZkPWh0dHBzJTNBJTJGJTJGY2RuLmF1dGgwLmNvbSUyRmF2YXRhcnMlMkZtcy5wbmciLCJ1cGRhdGVkX2F0IjoiMjAxNy0wMy0xOVQwNjo1MjoxOC45OTlaIiwiZW1haWwiOiJtc2VjY2FmaWVuQGdtYWlsLmNvbSIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwiaXNzIjoiaHR0cHM6Ly9mb25kZm9saW8uYXV0aDAuY29tLyIsInN1YiI6ImF1dGgwfDU4N2VhNjRlNzI5MmQ0NjRjODYwNTNmMSIsImF1ZCI6IkM1UFM0R0RKWFNmcXRSVjNYOVVFNGM4VUZqQzV6Mk5CIiwiZXhwIjoxNDg5OTQyMzM5LCJpYXQiOjE0ODk5MDYzMzl9.Z-OJwETiLZ1I4HysSbgYCDs4jViUfdjysbgS15CUg_he2vUr9dqW0nEU2LOvgZxUxwJukv85fZCy3ITkfIoOmWzSIQeqxUO2Q3IIFWisLNjQqKhKbVOE3uH_8-fwQlb0i71OhcBIUMHyBHtR75IR_MFscBaUpRYOZqGdu3k74b90MyFMb9crZdJ3aSLusTQyNWlyKmk1WrhQERQeZN5z71jw7uJxI-701VwerjypXDk3IWVHn43xTG4JH27jM3WgHPI0QqbHnz9Ye-fSarQLXa05fLqKVqYNJHLPoq0fqgE4_JuLRsTa77sTMdjmqVe7yyVW49iLa3dxROt5Xcmt8w"
scope
:
"openid profile email address phone"
tokenType
:
"Bearer"

cartogram

03/19/2017, 6:55 AM

which has idToken not id_token

cartogram

03/19/2017, 6:55 AM

and it is a different shape then when I login in with the lock

cartogram

03/19/2017, 6:56 AM

im trying a number of things to change the scope to only

openid

but nothing seems to be working, it always sends all of

Copy code

"openid profile email address phone"

jimmy

03/19/2017, 6:56 AM

check your settings in auth0

jimmy

03/19/2017, 6:57 AM

in the client settings did you set a default scope to all those?

jimmy

03/19/2017, 6:58 AM

only 3 places that set scope, auth0.login and the dashboard client settings or auth0 rules

cartogram

03/19/2017, 6:59 AM

im not seeing it in the settings

cartogram

03/19/2017, 7:02 AM

and in the auth0js, i have this

Copy code

this.auth0.client.login({
      realm: 'Username-Password-Authentication',
      username,
      password,
      scope: 'openid',
    }, (err, authResult) => {
      log(authResult)
.....

cartogram

03/19/2017, 7:03 AM

the scope param there seems to do nothing

jimmy

03/19/2017, 7:07 AM

hmm

jimmy

03/19/2017, 7:09 AM

what about clientId? you only have 1 client im guessing?

cartogram

03/19/2017, 7:09 AM

https://github.com/auth0/auth0.js/issues/391

cartogram

03/19/2017, 7:09 AM

i think it could be an issue

cartogram

03/19/2017, 7:09 AM

yeah just one client

jimmy

03/19/2017, 7:10 AM

maybe its a bug in v8

cartogram

03/19/2017, 7:18 AM

yeah ive down graded to v8.0.0 (from 8.4.0) and the configuration for

scope

login()

has no effect

cartogram

03/19/2017, 7:18 AM

would that be the cause for an issue with Graph.cool though?

cartogram

03/19/2017, 7:18 AM

Why would it still not recognized the token as valid?

jimmy

03/19/2017, 7:35 AM

its odd cause i think gcool only checks the fields from openid scope

cartogram

03/19/2017, 7:49 AM

I think it also does not support the RS256 token signature algorithm either.

cartogram

03/19/2017, 8:47 AM

I am almost certain that it is an issue with Graph.cool not liking the larger tokens with the additional scope. This should be documented if thats the case.

cartogram

03/19/2017, 9:07 AM

For now im back to using Lock and everything works.

👍 1

Open in Slack

Previous Next