There has been support for Symfony role resolution from both permissions and scope claims in the JWT tokens for a while now.
However, there was a problem that this bundle expected scope claim to be either an array, or a string with the single scope value, while in reality Auth0 authentication API returns tokens with scope value being a concatenated string of multiple scope values:
In this bundle such scope produced an unusable role code with spaces in it and all permissions in one string.
This PR fixes this issue, by adding support for concatenated-string scope value while preserving support for previous formats as well.
Testing
PhpUnit tests added (both previous formats + the new one; i.e. one test would fail on old codebase)
[x] This change adds test coverage
[ ] This change has been tested on the latest version of Symfony
Changes
There has been support for Symfony role resolution from both
permissions
andscope
claims in the JWT tokens for a while now.However, there was a problem that this bundle expected
scope
claim to be either an array, or a string with the single scope value, while in reality Auth0 authentication API returns tokens withscope
value being a concatenated string of multiple scope values:In this bundle such scope produced an unusable role code with spaces in it and all permissions in one string.
This PR fixes this issue, by adding support for concatenated-string scope value while preserving support for previous formats as well.
Testing
PhpUnit tests added (both previous formats + the new one; i.e. one test would fail on old codebase)
[x] This change adds test coverage
[ ] This change has been tested on the latest version of Symfony
Checklist
[x] I have read the Auth0 general contribution guidelines
[x] I have read the Auth0 Code of Conduct
[x] All existing and new tests complete without errors