lepture / authlib

The ultimate Python library in building OAuth, OpenID Connect clients and servers. JWS,JWE,JWK,JWA,JWT included.
https://authlib.org/
BSD 3-Clause "New" or "Revised" License

Invalid Access Token received from Auth0 with Role Based Access #579

Closed Zeebzog closed 11 months ago

Zeebzog commented 11 months ago

I have role based access turned on in Auth0. I log a user in from Flask using:

oauth.auth0.authorize_redirect(redirect_url)

In my callback from Auth0 I call:

token = oauth.auth0.authorize_access_token()
session["user"] = token

The id_token, the userinfo etc. all look OK.

The access_token looks like a token but it is not valid and cannot be used or even interpreted by jwt.io.

Have I missed something out that I should be setting?

lepture commented 11 months ago

I don't understand your issue. Is it related to Authlib?

Zeebzog commented 11 months ago

I'm not sure. Is this something that has been confirmed to work? I have tried everything to get this to work and I am now struggling to think of what to do next. Without a valid access token I am stuck on how to proceed with role based access to my APIs. Any help or ideas would be extremely welcomed.

bjmc commented 11 months ago

Is this something that has been confirmed to work?

Auth0 is very popular, so I doubt you're the only one using authlib with Auth0.

The access_token looks like a token but it is not valid and

How are you checking validity?

cannot be used or even interpreted by jwt.io

Are you sure they're supposed to be JWTs? This link suggests Auth0 defaults to opaque tokens.

I'd suggest opening a case with Auth0 support, unless you have a clear example showing this is a bug in Authlib.
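A small helper, added here and not part of Authlib, Auth0 or anyone's comment above, that separates the two cases behind bjmc's questions: a three-segment JWS that can be decoded and validated locally against the issuer's keys, versus an opaque token that jwt.io cannot read and that a resource server must check with the issuer's introspection or userinfo endpoint instead. The token values, issuer and audience strings are constructed for the demonstration.

```python
import base64
import json

# Added example (not Authlib code): inspect the shape of an OAuth access token
# so you know which validation path applies before trusting anything in it.


def _b64url_decode(segment: str) -> bytes:
    """Decode unpadded base64url as used in JWS compact serialization."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def classify_access_token(token: str) -> dict:
    """Return {"kind": "jws", "header": ..., "claims": ...} when the token has
    the three-segment JWS compact shape, otherwise {"kind": "opaque"}.

    The signature is NOT verified here. A "jws" result means: validate locally
    (issuer JWKS, then iss/aud/exp). An "opaque" result means the string is a
    reference the issuer must resolve (introspection / userinfo); this is the
    case where jwt.io shows nothing useful.
    """
    parts = token.split(".")
    if len(parts) != 3:
        return {"kind": "opaque"}
    try:
        header = json.loads(_b64url_decode(parts[0]))
        claims = json.loads(_b64url_decode(parts[1]))
    except ValueError:  # binascii.Error, UnicodeDecodeError, JSONDecodeError
        return {"kind": "opaque"}
    if not isinstance(header, dict) or "alg" not in header or not isinstance(claims, dict):
        return {"kind": "opaque"}
    return {"kind": "jws", "header": header, "claims": claims}


def audience_matches(claims: dict, api_identifier: str) -> bool:
    """RFC 7519 lets 'aud' be a string or a list; a resource server must reject
    a JWT access token whose audience does not name it."""
    aud = claims.get("aud")
    if isinstance(aud, str):
        return aud == api_identifier
    return isinstance(aud, list) and api_identifier in aud


def make_constructed_jwt(header: dict, claims: dict) -> str:
    """Constructed JWT-shaped string with a placeholder signature (demo only)."""
    return ".".join([_b64url_encode(json.dumps(header).encode()),
                     _b64url_encode(json.dumps(claims).encode()),
                     _b64url_encode(b"placeholder-signature")])
```

Auth0 issues an opaque access token unless the authorization request carries an `audience` naming an API registered in the tenant; with Authlib such extra authorization parameters can be passed as keyword arguments to `authorize_redirect`.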

lepture commented 11 months ago

@Zeebzog Hi, I think you need to contact Auth0 for help. I can't guess what's wrong from your description. I do offer commercial support at https://authlib.org/support; if you need any help with your particular problems, maybe you can purchase commercial consulting.