I get this error when I run the code after downloading. Nothing was changed in the dashboard and nothing in the code. Simply trying an email login.

From searching more general I understand this is probably related to some setting somewhere.

https://github.com/coreos/go-oidc does not support HS256, so its an Auth0 thing? But I would expect these things all to be correct in a simple demo? Does this mean a simple email login implementation (in Go) is not possible?

Trying to pass the state parameter through Auth0, in order to create a proper redirect for users to appropriate page(s) after authentication succeeds.

However, nothing I've tried seems to work. The "state" parameter doesn't seem to be getting delivered to the callback along with the rest of the info. The Auth0 docs for this are just a 1 paragraph useless high level mention and no code either. 😦

Does anyone have this working, with Go?

In go.mod, the requested version of go should be:
go 1.18

It is currently:
go 1.16

Currently with the instructions, and without the fix, this is the result of "go run main.go"

github.com/gin-gonic/gin/render

vendor/github.com/gin-gonic/gin/render/html.go:23:19: undeclared name: any (requires version go1.18 or later)
...

Hello, I am currently trying to implement Auth0 within my app. I was following the golang Sdk Auth0 tutorial, and I have a question. Why do you store session in the file system not in cookie? I thought that cookie is easier to scale because you push the data onto the client instead of having session data for each user on your server.
I tried to convert your example to use cookie but did not work, because of the map[interface{}]interface{} is required.

(AUTH-3966)
Sample doesn't provide oidcConformant and audience parameters to auth0-lock.

I noticed the 2x Store.Get in

1. https://github.com/auth0-samples/auth0-golang-web-app/blob/master/01-Login/routes/middlewares/isAuthenticated.go
2. https://github.com/auth0-samples/auth0-golang-web-app/blob/master/01-Login/routes/user/user.go#L11

Why not use request context?

Btw in 2, maybe the session should be cleared (logout?) if it fails (session corrupted?)

What I try to accomplish to run this example to log in user who is a member of an organization.

1. I created an organization and put one my user as a member or it.
2. I modified application (which so far works fine - is able to log in user I mention above) and enable "What types of end-users will access this application? -> Team members of organization"
3. I enable "Display Organization Prompt" so I can choose organization on login screen and don't need to modify anything in application itself.
4. I try to log in, enter login screen where first I put organization name then user/password.
5. I get redirected to: http://localhost:3000/callback?error=access_denied&error_description=Unexpected token u in JSON at position 0&state=...

Question is: is that expected? Should application (authorization code flow basically) be modified somehow to work with organizations? I tried to use approach where organization is added to query params of the request but it seems to result in exactly the same state - callback called with an error.

Should go get work for this repo?

Trying it here on OSX with Go 1.8, it's erroring out:

$ go get github.com/auth0-samples/auth0-golang-web-app
# cd /Users/jc/go/src/github.com/auth0-samples/auth0-golang-web-app; git submodule update --init --recursive
fatal: No url found for submodule path '01-Login/src/github.com/astaxie/beego' in .gitmodules
package github.com/auth0-samples/auth0-golang-web-app: exit status 128

$ go get github.com/auth0-samples/auth0-golang-web-app/tree/master/01-Login
# cd /Users/jc/go/src/github.com/auth0-samples/auth0-golang-web-app; git submodule update --init --recursive
fatal: No url found for submodule path '01-Login/src/github.com/astaxie/beego' in .gitmodules
package github.com/auth0-samples/auth0-golang-web-app/tree/master/01-Login: exit status 128

Seems like something is wrong with the beego subdirectory in https://github.com/auth0-samples/auth0-golang-web-app/tree/master/01-Login/src/github.com/astaxie?

There is no logout button in this sample. (AUTH-3551)

site syncterest.com

oauth2: cannot fetch token: 401 Unauthorized
Response: {"error":"access_denied","error_description":"Unauthorized"}

I think something wrong with
// Exchanging the code for a token
token, err := conf.Exchange(oauth2.NoContext, code)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}

Is it possible to show another examples? or write worked code without strange os.Getenv

in the file login.go, line 22,

session, err := app.Store.Get(r, "auth-session")

gives an error:

Error: "securecookie: the value is not valid"

Would anybody provide any possible explanation or solution? thanks.

I Am not able to save auth-session for some reason. Does anyone else have the same issue? Because when checking for isAuthenticated, auth-session has empty map[]

(AUTH-3964)
When I'm using app with enabled OIDC Conformant option, no user info is shown.

Hi the facebook login isn't working when redirected at the http://localhost:3000/callback url, it fails to save
at line 72 in /routes/callback/callback.go with the following error line securecookie: the value is too long.

Sample using lock v10.4, when up-to-date version is 10.10. (AUTH-3706)

I downloaded the sample app from the Auth0 website for the application with which I want to integrate.
All the values (client id, etc ..) are set correctly and everything builds and starts as expected.
The problem is that on the first login attempt, the state value is not properly stored in the current session thus ending in an error in the callback function when attempting to compare the state in the query parameters with the one in the session that is "". On retry, without closing the tab or browser, it then seems to work correctly.
Ran on MacOS Big Sur (11.1) with Chrome (latest) and Go 1.14

Hi there,

I'm getting 401 on the token exchange when using auth0 with Google Connection enabled. Is there someone that can take a look at this functionality? The auth0 logs show a successful api call, but then we receive and error when retrieving the token.

Is there a way to pass a "next page" or any similar kind of info through the authentication process?

eg so if a person clicked the Login button when they were on page A, they can be returned to page A after the login has completed.

The "state" variable looked like the thing to use when first investigating this, but there aren't any working examples. 😦