Last active
March 2, 2017 18:15
-
-
Save alduro/bffc1f03a890b025f4abe66b1e27450f to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
In particular BlackMamba.GuardianSerializer is never being called. Same for LoadResource in router. | |
GUARDIAN_SECRET has the same value as AUTH0_CLIENT_SECRET | |
config.ex | |
config :guardian, Guardian, | |
5 allowed_algos: ["HS256"], | |
4 verify_module: Guardian.JWT, | |
3 issuer: System.get_env("AUTH0_DOMAIN"), | |
2 verify_issuer: false, | |
1 secret_key: System.get_env("GUARDIAN_SECRET") || raise("Missing GUARDIAN_SECRET"), | |
32 serializer: BlackMamba.GuardianSerializer | |
router.ex | |
pipeline :graphql do | |
2 plug GraphqlLogger | |
1 plug Guardian.Plug.VerifyHeader, realm: "Bearer", key: System.get_env("AUTH0_CLIENT_SECRET") | |
18 # plug Guardian.Plug.EnsureAuthenticated | |
1 plug Guardian.Plug.LoadResource | |
2 plug BlackMamba.Context | |
3 end | |
I managed to get the error code implementing unauthenticated method for Handler. | |
guardian_failure: {:error, :invalid_token}} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
in that case, if you replace
secret_key: System.get("GUARDIAN_SECRET")
withsecret_key: System.get_env("AUTH0_CLIENT_SECRET")
and remove the key field from your verify header that should cause guardian to use the same secret as AUTH0. You'd need to write you serializer to use whatever they put in the sub field and you should be good to go.