auth0 / auth0-PHP

PHP SDK for Auth0 Authentication and Management APIs.
https://auth0.com/docs/libraries/auth0-php
MIT License

feat: Support validating tokens with tenant domain in the case of custom domains #753

Closed ramonschriks closed 8 months ago

ramonschriks commented 8 months ago

When a token is issued, the token issuer is validated against the (tenant)domain within the configuration. However, when a custom domain is provided within the SDK configuration, the issuer is validated against that custom domain.

This fix will, in case a custom domain is set in the SDK configuration, first validate the custom domain against the issuer within the token (same as previous behaviour). However, in case of failure, it falls back to the tenant domain set in the SDK configuration.

Use case:

All Auth0 requests (e.g. token and validation) are sent to the custom domain. In certain situations, the custom domain acts as a proxy that actually does some extended validation on the client request and redirects the requests to the actual tenant domain. Therefore, the tenant domain is the origin issuer of the token, while the requests are proxied through the custom domain.

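The custom-domain-first, tenant-domain-fallback issuer check described in the pull request above, as an added example. This is not the SDK's code from `src/Token.php`; the function names, domains and claims are constructed for illustration, and it assumes issuers take the form `https://{domain}/` and are compared exactly.

```php
<?php
declare(strict_types=1);

// Assumption: issuers have the Auth0 form "https://{domain}/" with a trailing slash.
function issuerFor(string $domain): string
{
    $host = (string) preg_replace('#^https?://#i', '', trim($domain));
    return 'https://' . strtolower(rtrim($host, '/')) . '/';
}

/**
 * Returns 'custom' or 'tenant' for the configured domain whose issuer equals
 * the token's `iss`, trying the custom domain first; null when neither matches.
 */
function matchIssuer(array $claims, string $tenantDomain, ?string $customDomain = null): ?string
{
    $iss = $claims['iss'] ?? null;
    if (!is_string($iss) || $iss === '') {
        return null; // a missing or non-string issuer never validates
    }

    $candidates = ['custom' => $customDomain, 'tenant' => $tenantDomain];
    foreach ($candidates as $label => $domain) {
        // Exact comparison only: prefix or substring checks would accept lookalike hosts.
        if (is_string($domain) && $domain !== '' && issuerFor($domain) === $iss) {
            return $label;
        }
    }
    return null;
}

// Constructed sample configuration and claims (not real tenants).
$tenant = 'example-tenant.eu.auth0.com';
$custom = 'login.example.com';
$samples = [
    'issued via custom domain' => ['iss' => 'https://login.example.com/'],
    'issued by tenant domain'  => ['iss' => 'https://example-tenant.eu.auth0.com/'],
    'lookalike host'           => ['iss' => 'https://example-tenant.eu.auth0.com.example.net/'],
    'no trailing slash'        => ['iss' => 'https://login.example.com'],
    'issuer claim absent'      => ['sub' => 'user-1'],
];

foreach ($samples as $name => $claims) {
    $match = matchIssuer($claims, $tenant, $custom);
    printf("%-26s %s\n", $name, $match === null ? 'rejected' : "accepted ($match domain)");
}
```

Returning which domain matched lets the caller log tokens that were accepted only through the tenant-domain fallback.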

codecov-commenter commented 8 months ago

Codecov Report

Attention: 1 lines in your changes are missing coverage. Please review.

Comparison is base (14b405e) 100.00% compared to head (d95cd7d) 99.97%. Report is 1 commits behind head on main.

| Files | Patch % | Lines |
|---|---|---|
| src/Token.php | 85.71% | 1 Missing :warning: |

Additional details and impacted files

```diff
@@             Coverage Diff              @@
##               main     #753      +/-   ##
=============================================
- Coverage    100.00%   99.97%   -0.03%
- Complexity     1381     1383       +2
=============================================
  Files            62       62
  Lines          4776     4781       +5
=============================================
+ Hits           4776     4780       +4
- Misses            0        1       +1
```

| Flag | Coverage Δ | |
|---|---|---|
| unittestsvalidate | `99.97% <85.71%> (-0.03%)` | :arrow_down: |

Flags with carried forward coverage won't be shown.


ramonschriks commented 8 months ago

Hey @evansims,

Thanks for approving! Not to hurry things up or anything, but more out of curiosity, how long would it normally take for this to be included within the next release? And also for the auth0/wordpress plugin, which depends on this?

Thanks in advance!

evansims commented 8 months ago

Hey, @ramonschriks 👋 Happy New Year! Sorry for the delay. Usually, we'd cut a release immediately, but we've been on a code freeze this past week with the holidays. That'll be lifted at the end of this week, so I'll get a release cut after that.

evansims commented 8 months ago

Hey again, @ramonschriks just wanted to let you know this has shipped in 8.11. Thanks for your contribution, and sorry for the delay!

ramonschriks commented 8 months ago

@evansims Thanks! However, I made a mistake, and perhaps a unit test still needs to be added to ensure correct functionality. https://github.com/auth0/auth0-PHP/pull/755