I'm trying to verify a token from auth0 using guardian, but no matter which configuration I use, it always returns that my token is invalid (reason secret_not_found). Reaching you guys here because I've already tried/read all issues regarding this subject in the closed issues but all configurations stills return the same result (invalid_token).
Here is my configuration
# config.exs
config :guardian, Guardian,
allowed_algos: ["HS256"],
verify_module: Guardian.JWT,
issuer: "{{MY AUTH0 DOMAIN}}",
verify_issuer: false,
secret_key: "{{MY API SECRET KEY}}",
serializer: MyApp.GuardianSerializer
#guardian_serializer.ex
defmodule MyApp.GuardianSerializer do
@behaviour Guardian.Serializer
def for_token(id), do: {:ok, id}
def from_token(id), do: {:ok, id}
end
#guardian.ex (Guardian module)
defmodule Myapp.UserManager.Guardian do
use Guardian, otp_app: :api
alias AuthMe.UserManager
def subject_for_token(user_data, _claims) do
{:ok, to_string(user_data)}
end
end
#router.ex
pipeline :api do
plug :accepts, ["json"]
plug Guardian.Plug.Pipeline, module: MyApp.UserManager.Guardian,
error_handler: MyApp.UserManager.ErrorHandler
plug Guardian.Plug.VerifyHeader, realm: "Bearer"
plug Guardian.Plug.EnsureAuthenticated
plug Guardian.Plug.LoadResource
end
#error_handler
defmodule MyApp.UserManager.ErrorHandler do
import Plug.Conn
def auth_error(conn, {type, reason}, _opts) do
body = Poison.encode!(%{type: type, reason: to_string(reason)})
send_resp(conn, 401, body)
end
end
Just for matter of information, I'm trying to call the API using curl
curl --header "authorization: Bearer {{JWT REQUESTED FROM AUTH0}}" --request GET --url http://localhost:4000/api/users
No matter how I set the secret_key options the error is always the same, Not sure if I'm doing the serialization wrongly or what.
Hey folks,
I'm trying to verify a token from auth0 using guardian, but no matter which configuration I use, it always returns that my token is invalid (reason secret_not_found). Reaching you guys here because I've already tried/read all issues regarding this subject in the closed issues but all configurations stills return the same result (invalid_token).
Here is my configuration
Just for matter of information, I'm trying to call the API using curl
curl --header "authorization: Bearer {{JWT REQUESTED FROM AUTH0}}" --request GET --url http://localhost:4000/api/users
No matter how I set the secret_key options the error is always the same, Not sure if I'm doing the serialization wrongly or what.
Hope some one could help.