Last active
March 2, 2017 18:15
-
-
Save alduro/bffc1f03a890b025f4abe66b1e27450f to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
In particular BlackMamba.GuardianSerializer is never being called. Same for LoadResource in router. | |
GUARDIAN_SECRET has the same value as AUTH0_CLIENT_SECRET | |
config.ex | |
config :guardian, Guardian, | |
5 allowed_algos: ["HS256"], | |
4 verify_module: Guardian.JWT, | |
3 issuer: System.get_env("AUTH0_DOMAIN"), | |
2 verify_issuer: false, | |
1 secret_key: System.get_env("GUARDIAN_SECRET") || raise("Missing GUARDIAN_SECRET"), | |
32 serializer: BlackMamba.GuardianSerializer | |
router.ex | |
pipeline :graphql do | |
2 plug GraphqlLogger | |
1 plug Guardian.Plug.VerifyHeader, realm: "Bearer", key: System.get_env("AUTH0_CLIENT_SECRET") | |
18 # plug Guardian.Plug.EnsureAuthenticated | |
1 plug Guardian.Plug.LoadResource | |
2 plug BlackMamba.Context | |
3 end | |
I managed to get the error code implementing unauthenticated method for Handler. | |
guardian_failure: {:error, :invalid_token}} |
in that case, if you replace secret_key: System.get("GUARDIAN_SECRET")
with secret_key: System.get_env("AUTH0_CLIENT_SECRET")
and remove the key field from your verify header that should cause guardian to use the same secret as AUTH0. You'd need to write you serializer to use whatever they put in the sub field and you should be good to go.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@hassox it is supposed that there shouldn't be a login controller. A frontend app gets the token from Auth0 and send requests to this Elixir based API application. So this app just needs to validate Auth0 Token, load the resource ( User ) and that's it.
I see the Auth0 token for the first time when calling /graphql requests where we apply the pipeline :graphql