-
-
Save alduro/bffc1f03a890b025f4abe66b1e27450f to your computer and use it in GitHub Desktop.
| In particular BlackMamba.GuardianSerializer is never being called. Same for LoadResource in router. | |
| GUARDIAN_SECRET has the same value as AUTH0_CLIENT_SECRET | |
| config.ex | |
| config :guardian, Guardian, | |
| 5 allowed_algos: ["HS256"], | |
| 4 verify_module: Guardian.JWT, | |
| 3 issuer: System.get_env("AUTH0_DOMAIN"), | |
| 2 verify_issuer: false, | |
| 1 secret_key: System.get_env("GUARDIAN_SECRET") || raise("Missing GUARDIAN_SECRET"), | |
| 32 serializer: BlackMamba.GuardianSerializer | |
| router.ex | |
| pipeline :graphql do | |
| 2 plug GraphqlLogger | |
| 1 plug Guardian.Plug.VerifyHeader, realm: "Bearer", key: System.get_env("AUTH0_CLIENT_SECRET") | |
| 18 # plug Guardian.Plug.EnsureAuthenticated | |
| 1 plug Guardian.Plug.LoadResource | |
| 2 plug BlackMamba.Context | |
| 3 end | |
| I managed to get the error code implementing unauthenticated method for Handler. | |
| guardian_failure: {:error, :invalid_token}} |
If I move out the key: parameter I got:
%{:reason => {:error, %FunctionClauseError{arity: 1, function: :jose_jwk, module: Guardian}},
My fault: this was due to I commented line 4 verify_module: Guardian.JWT out
@alduro is it possible to see your initial login controller? where you see the token for Auth0 for the first time?
@hassox it is supposed that there shouldn't be a login controller. A frontend app gets the token from Auth0 and send requests to this Elixir based API application. So this app just needs to validate Auth0 Token, load the resource ( User ) and that's it.
I see the Auth0 token for the first time when calling /graphql requests where we apply the pipeline :graphql
in that case, if you replace secret_key: System.get("GUARDIAN_SECRET") with secret_key: System.get_env("AUTH0_CLIENT_SECRET") and remove the key field from your verify header that should cause guardian to use the same secret as AUTH0. You'd need to write you serializer to use whatever they put in the sub field and you should be good to go.
Hmmm, after adding key at the end of VerifyHeader Plug now I got:
%{guardian_failure: {:error, :no_session}}