search

ueberauth / guardian

Elixir Authentication
MIT License
3.43k stars 382 forks source link

Guardian - Auth0 JWT verification always invalid #548

Closed gustavowt closed 5 years ago

gustavowt commented 5 years ago

Hey folks,

I'm trying to verify a token from auth0 using guardian, but no matter which configuration I use, it always returns that my token is invalid (reason secret_not_found). Reaching you guys here because I've already tried/read all issues regarding this subject in the closed issues but all configurations stills return the same result (invalid_token).

Here is my configuration

# config.exs

config :guardian, Guardian,
  allowed_algos: ["HS256"],
  verify_module: Guardian.JWT,
  issuer: "{{MY AUTH0 DOMAIN}}",
  verify_issuer: false,
  secret_key: "{{MY API SECRET KEY}}",
  serializer: MyApp.GuardianSerializer

#guardian_serializer.ex
defmodule MyApp.GuardianSerializer do
  @behaviour Guardian.Serializer
  def for_token(id), do: {:ok, id}
  def from_token(id), do: {:ok, id}
end

#guardian.ex (Guardian module)
defmodule Myapp.UserManager.Guardian do
  use Guardian, otp_app: :api

  alias AuthMe.UserManager

  def subject_for_token(user_data, _claims) do
    {:ok, to_string(user_data)}
  end
end

#router.ex
  pipeline :api do
    plug :accepts, ["json"]
    plug Guardian.Plug.Pipeline, module: MyApp.UserManager.Guardian,
                                 error_handler: MyApp.UserManager.ErrorHandler

    plug Guardian.Plug.VerifyHeader, realm: "Bearer"
    plug Guardian.Plug.EnsureAuthenticated
    plug Guardian.Plug.LoadResource
  end

#error_handler
defmodule MyApp.UserManager.ErrorHandler do
  import Plug.Conn

  def auth_error(conn, {type, reason}, _opts) do
    body = Poison.encode!(%{type: type, reason: to_string(reason)})
    send_resp(conn, 401, body)
  end
end

Just for matter of information, I'm trying to call the API using curl

curl --header "authorization: Bearer {{JWT REQUESTED FROM AUTH0}}" --request GET --url http://localhost:4000/api/users

No matter how I set the secret_key options the error is always the same, Not sure if I'm doing the serialization wrongly or what.

Hope some one could help.

gustavowt commented 5 years ago

Since nobody could help with this, I'm closing the issue.

Tks anyways