search

serverless / examples

Serverless Examples – A collection of boilerplates and examples of serverless architectures built with the Serverless Framework on AWS Lambda, Microsoft Azure, Google Cloud Functions, and more.
https://www.serverless.com/examples/
Other
11.45k stars 4.47k forks source link

aws-node-auth0-custom-authorizers-api Private API returned 401 #411

Open ghost opened 5 years ago

ghost commented 5 years ago

I tried running aws-node-auth0-custom-authorizers-api. It logins successfully, public API is called successfully. But private API returns 401 with following error:

I had make a few changes also:

  1. Add algorithms: ["HS256"] to options passed to jwt.verify().
  2. Change AUTH0_CLIENT_PUBLIC_KEY to new Buffer(AUTH0_CLIENT_PUBLIC_KEY, "base64") when passing to jwt.verify().
verifyError { JsonWebTokenError: invalid signature
at /var/task/node_modules/jsonwebtoken/verify.js:133:19
at getSecret (/var/task/node_modules/jsonwebtoken/verify.js:90:14)
at Object.module.exports [as verify] (/var/task/node_modules/jsonwebtoken/verify.js:94:10)
at module.exports.auth (/var/task/handler.js:45:9) name: 'JsonWebTokenError', message: 'invalid signature' }

I am using serve for hosting frontend locally. FE is live on http://localhost:5000/

Any suggestions?

ghost commented 5 years ago

I was able to solve this by replacing AUTH0_CLIENT_PUBLIC_KEY with Client secret from Auth0. What I did was correct?