auth0 / auth0-PHP

PHP SDK for Auth0 Authentication and Management APIs.
https://auth0.com/docs/libraries/auth0-php
MIT License
380 stars, 209 forks

ClientAssertionGenerator has a static expiry of 180 seconds. #762

Closed danrossi closed 3 months ago

danrossi commented 4 months ago

SDK Version

8.7

PHP Version

PHP 8.2

Description

I'm trying to mock up using the API to generate RS tokens to be validated from a Java backend using the Auth0 Java library. I have a backend for which I need to show PHP examples of how to generate tokens. However, it can't be done from the main API; the method has to be used directly. Most of it is tied to verification and HTTP requests rather than just uncoupled token generation. The sample app doesn't generate API tokens, it just verifies.

The Java library is much more concise at generating tokens than the PHP one.

I found this method has a static expiry, so it can't be used. So the internal Generate API needs to be used and all that code duplicated and made external. Expiry needs to be a configuration, perhaps?

How can we reproduce this issue?

https://github.com/auth0/auth0-PHP/blob/cc7abb9a739ff7ad966f1921dd0a5b2b1521863e/src/Token/ClientAssertionGenerator.php#L56

evansims commented 3 months ago

Hi @danrossi 👋

The ClientAssertionGenerator is only intended for generating JSON Web Token Client Assertions, otherwise known as "private key JWTs" (https://auth0.com/docs/get-started/authentication-and-authorization-flow/authenticate-with-private-key-jwt). The SDK uses it internally when a clientAssertionSigningKey is configured.

It sounds like you might be looking for more of a general-purpose token generator of some kind, if I understand. The SDK includes the Auth0\SDK\Token\Generator class, which might be more useful here — but if you could please clarify your use case a bit for me, I can try to help.
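
The client assertion discussed in this thread, as an added example that is not part of the original issue and not the SDK's code: it builds a private-key JWT with a configurable lifetime using only PHP's OpenSSL extension, and shows the receiving side rejecting assertions that are expired or live longer than 180 seconds. The claim layout follows RFC 7523; the function names, client ID and audience are placeholders chosen for illustration.

```php
<?php
declare(strict_types=1);
function b64url(string $bin): string
{
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}
function b64urlDecode(string $s): string|false
{
    return base64_decode(strtr($s, '-_', '+/') . str_repeat('=', (4 - strlen($s) % 4) % 4), true);
}

// Build an RS256 client assertion; $ttl (seconds) is configurable, default 180.
// Assumed claim layout (RFC 7523): iss and sub are the client ID, jti is unique.
function makeAssertion(string $clientId, string $aud, OpenSSLAsymmetricKey $key, int $ttl = 180): string
{
    $now = time();
    $claims = ['iss' => $clientId, 'sub' => $clientId, 'aud' => $aud,
               'iat' => $now, 'exp' => $now + $ttl, 'jti' => bin2hex(random_bytes(16))];
    $input = b64url(json_encode(['alg' => 'RS256', 'typ' => 'JWT'])) . '.' . b64url(json_encode($claims));
    if (!openssl_sign($input, $sig, $key, OPENSSL_ALGO_SHA256)) {
        throw new RuntimeException('signing failed');
    }
    return $input . '.' . b64url($sig);
}

// Receiver side: pin the algorithm, verify the signature, bound the lifetime.
function checkAssertion(string $jwt, string $publicPem, int $maxTtl = 180): array
{
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) throw new UnexpectedValueException('malformed JWT');
    $header = json_decode((string) b64urlDecode($parts[0]), true);
    $claims = json_decode((string) b64urlDecode($parts[1]), true);
    $sig = b64urlDecode($parts[2]);
    if (($header['alg'] ?? null) !== 'RS256' || $sig === false
        || openssl_verify($parts[0] . '.' . $parts[1], $sig, $publicPem, OPENSSL_ALGO_SHA256) !== 1) {
        throw new UnexpectedValueException('bad algorithm or signature');
    }
    if (!is_array($claims) || !is_int($claims['iat'] ?? null) || !is_int($claims['exp'] ?? null)
        || $claims['exp'] <= time() || $claims['exp'] - $claims['iat'] > $maxTtl) {
        throw new UnexpectedValueException('expired or lifetime too long');
    }
    return $claims;
}

// Constructed demo with a throwaway key; client ID and audience are placeholders.
$key = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
$pem = openssl_pkey_get_details($key)['key'];
$claims = checkAssertion(makeAssertion('example-client-id', 'https://tenant.example/', $key, 60), $pem);
printf("accepted, lifetime %d s\n", $claims['exp'] - $claims['iat']);
```

Passing a `$ttl` above `$maxTtl` to `makeAssertion` makes `checkAssertion` throw, which is the replay-window bound a short fixed expiry enforces.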