oauth2-auth0's Issues

domain() method assumes only the US data centre is used

Line 22 src/Auth0.php:

return 'https://' . $this->account . '.auth0.com';

Ideally a required data centre param needs to be checked for when the class is constructed. We're using the EU data centre at the moment and currently it's impossible to use with this package.

"Auth0 account is not specified" with knpuniversity/oauth2-client-bundle

Hello,

I'm trying to connect through Auth0, but I get the error Auth0 account is not specified from this bundle when I try to reach /connect/auth0 route.

What is wrong?

My setup is the following (Symfony 3.4):

knpu_oauth2_client:
    clients:
        auth0:
            type: auth0
            client_id: '%auth0_client_id%'         # in parameters.yml
            client_secret: '%auth0_client_secret%' # in parameters.yml
            redirect_route: connect_auth0_check
            redirect_params: {}

    /**
     * @Route("/connect/auth0")
     *
     * @return \Symfony\Component\HttpFoundation\RedirectResponse
     * @throws \InvalidArgumentException
     */
    public function connectAction()
    {
        return $this->get('oauth2.registry')
            ->getClient('auth0')
            ->redirect();
    }

    /**
     * @Route("/connect/auth0/check", name="connect_auth0_check")
     *
     * @param Request $request
     * @throws \InvalidArgumentException
     */
    public function connectCheckAction(Request $request)
    {
        $client = $this->get('oauth2.registry')
            ->getClient('auth0');

        try {
            $user = $client->fetchUser();
            var_dump($user->getName());
        } catch (IdentityProviderException $e) {
            var_dump($e->getMessage());
            die;
        }
    }

Incompatible with current version of league/oauth2-client

Current release is 2.2.1
https://github.com/thephpleague/oauth2-client/releases

composer require riskio/oauth2-auth0
Using version ^0.1.0 for riskio/oauth2-auth0
./composer.json has been updated
Loading composer repositories with package information
Updating dependencies (including require-dev)
Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - Installation request for riskio/oauth2-auth0 ^0.1.0 -> satisfiable by riskio/oauth2-auth0[v0.1.0].
    - Conclusion: remove league/oauth2-client 2.2.1
    - Conclusion: don't install league/oauth2-client 2.2.1
    - riskio/oauth2-auth0 v0.1.0 requires league/oauth2-client ~0.10 -> satisfiable by league/oauth2-client[0.10.0, 0.10.1, 0.11.0, 0.12.0, 0.12.1].
    - Can only install one of: league/oauth2-client[0.10.0, 2.2.1].
    - Can only install one of: league/oauth2-client[0.10.1, 2.2.1].
    - Can only install one of: league/oauth2-client[0.11.0, 2.2.1].
    - Can only install one of: league/oauth2-client[0.12.0, 2.2.1].
    - Can only install one of: league/oauth2-client[0.12.1, 2.2.1].
    - Installation request for league/oauth2-client (locked at 2.2.1) -> satisfiable by league/oauth2-client[2.2.1].

Is this client compatible?

Support JP Region

Currently, JP region has been added to Auth0, but this provider doesn't support this region.

not retrieving token

Hello -

I am indeed seeing a long string code upon callback, but this block of code seems to be returning an empty array:

$token = $provider->getAccessToken('authorization_code', [
    'code' => $_GET['code']
]);

"Auth0 account is not provided in" error message

Hello -

In your instructions you show a login using:

$provider = new Riskio\OAuth2\Client\Provider\Auth0([
    'region'       => '{region}',
    'account'      => '{account}',
    'clientId'     => '{auth0-client-id}',
    'clientSecret' => '{auth0-client-secret}',
    'redirectUri'  => 'https://example.com/callback-url'
]);

and my login looks like this:

$provider = new Riskio\OAuth2\Client\Provider\Auth0([
    'region'       => Riskio\OAuth2\Client\Provider\Auth0::REGION_US,
    'account'      => 'php oauth test',
    'clientId'     => 'jXXXXXXXXXXXXy',
    'clientSecret' => 'zXXXXXXXXXXXXXXXXXXXXXXXXXXX4',
    'redirectUri'  => $redirectUrl,
]);

I am getting this error:

This site can’t be reached
php%20oauth%20test.auth0.com’s server IP address could not be found.

I have tried including the domain, account, etc -- same error. Has anybody ever seen this message?

Note that on the Auth0 page, they show a login looking like this:

$auth0 = new Auth0([
  'domain' => 'dev-y-wc5m4m.auth0.com',
  'client_id' => 'jXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXoy',
  'client_secret' => 'YOUR_CLIENT_SECRET',
  'redirect_uri' => 'https://featherstester.site/phpTest/index.php',
  'persist_id_token' => true,
  'persist_access_token' => true,
  'persist_refresh_token' => true,
]);

Thank you very much.
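The issues above about the hard-coded US domain, the missing JP region and the `php%20oauth%20test.auth0.com` lookup all come down to how the tenant host is built from `account` and `region`. The following is an added example, not code from riskio/oauth2-auth0: `auth0BaseUrl()` and the region table are hypothetical, and the tenant-name rule (one lowercase DNS label) and region suffixes are assumptions based on Auth0's public tenant domains.

```php
<?php
declare(strict_types=1);

// Added example: hypothetical helper, not part of riskio/oauth2-auth0.
// Assumption: region-to-host mapping follows Auth0's public tenant domains.
const AUTH0_REGION_HOSTS = [
    'us' => 'auth0.com',
    'eu' => 'eu.auth0.com',
    'jp' => 'jp.auth0.com',
];

function auth0BaseUrl(string $account, string $region): string
{
    if (!array_key_exists($region, AUTH0_REGION_HOSTS)) {
        throw new InvalidArgumentException("Unsupported Auth0 region '{$region}'");
    }
    // Assumption: a tenant name is one lowercase DNS label. Spaces, dots,
    // slashes or '@' would change the host the browser is redirected to.
    if (preg_match('/^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$/', $account) !== 1) {
        throw new InvalidArgumentException(
            "'{$account}' is not a tenant name (expected a single DNS label)"
        );
    }
    return 'https://' . $account . '.' . AUTH0_REGION_HOSTS[$region];
}

// Constructed inputs: the tenant label from the Auth0 SDK snippet above,
// the 'account' value from the failing configuration, and malformed values.
$cases = [
    ['dev-y-wc5m4m', 'us'],
    ['dev-y-wc5m4m', 'eu'],
    ['php oauth test', 'us'],
    ['tenant.example.org/', 'us'],
    ['dev-y-wc5m4m', 'mars'],
];
foreach ($cases as [$account, $region]) {
    try {
        echo auth0BaseUrl($account, $region), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $e->getMessage(), PHP_EOL;
    }
}
```

Rejecting the value at construction time turns a DNS failure in the browser into a configuration error, and keeps the authorization redirect pinned to an Auth0 host.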

Wrong scope

I was about to use this package with the knpuniversity/oauth2-client-bundle but the fetchUserData always returned an empty array.
It looks like the new default scope should be openid and profile. Furthermore, the default delimiter is "," for the phpleague/oauth2-client but Auth0 expects separation with space.
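Why the separator matters, as an added example that is not part of the original issue or of either package: RFC 6749 section 3.3 defines `scope` as space-delimited tokens, so a comma-joined value is read as one unknown scope and `openid` is never requested. The function names and the client id are constructed for illustration, and `parseScopeParam()` is a simplified model of the receiving side, not Auth0's implementation.

```php
<?php
declare(strict_types=1);

// Added example: function names are hypothetical.

/** Build the authorization query the way an OAuth2 client does: scopes joined by a separator. */
function buildAuthorizationQuery(array $scopes, string $separator): string
{
    return http_build_query([
        'response_type' => 'code',
        'client_id'     => 'CONSTRUCTED_CLIENT_ID',
        'scope'         => implode($separator, $scopes),
    ], '', '&', PHP_QUERY_RFC3986);
}

/** Split the received scope value as RFC 6749 section 3.3 defines it: space-delimited tokens. */
function parseScopeParam(string $query): array
{
    parse_str($query, $params);
    $scope = trim((string) ($params['scope'] ?? ''));
    return $scope === '' ? [] : preg_split('/ +/', $scope);
}

foreach ([',', ' '] as $separator) {
    $query  = buildAuthorizationQuery(['openid', 'profile'], $separator);
    $tokens = parseScopeParam($query);
    printf(
        "separator %s\n  query:  %s\n  tokens: %s\n  openid requested: %s\n",
        var_export($separator, true),
        $query,
        json_encode($tokens),
        in_array('openid', $tokens, true) ? 'yes' : 'no'
    );
}
```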

$user->getName() not returning anything

Is there any reason why $user->getName() would return empty?
$user->getId() and $user->getEmail() also return empty.

<?php

require 'vendor/autoload.php';  // for php composer

session_start();   // added!

$provider = new Riskio\OAuth2\Client\Provider\Auth0([
        'region'                => Riskio\OAuth2\Client\Provider\Auth0::REGION_US,
        'account'               => 'deXXXXXXm',
        'clientId'              => '0XXXXXXXXXXXXXXXXXXXX4',
        'clientSecret'          => 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXn',
        'redirectUri'  => 'https://MYDOMAIN.com/auth0/auth0.php'
]);

if (!isset($_GET['code'])) {

    // If we don't have an authorization code then get one
    $authUrl = $provider->getAuthorizationUrl();
    $_SESSION['oauth2state'] = $provider->getState(); //$_SESSION['oauth2state'] = $provider->state;
    header('Location: ' . $authUrl);
    exit;

// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
    unset($_SESSION['oauth2state']);
    exit('Invalid state');

} else {
    // Try to get an access token (using the authorization code grant)
    $token = $provider->getAccessToken('authorization_code', [
        'code' => $_GET['code']
    ]);

    // Optional: Now you have a token you can look up a users profile data
    try {
        // We got an access token, let's now get the user's details
        $user = $provider->getResourceOwner($token);

        // Use these details to create a new profile
        printf('Hello %s!', $user->getName());

    } catch (Exception $e) {

        // Failed to get user details
        exit('Oh dear...');
    }
    // Use this to interact with an API on the users behalf
    echo $token->getToken();
}

Auth0 user returns 'sub' parameter instead of user_id

When I log in with Auth0, the response contains a sub parameter instead of the expected user_id parameter shown in Auth0ResourceOwner. Am I using Auth0 incorrectly, or has something changed recently (due to the purchase by Okta?)

    public function getId()
    {
        return $this->getValueByKey($this->response, 'user_id');
    }

I could probably work around that by tweaking this method to check for user_id, then sub if user_id isn't found. If that's an acceptable solution I can raise a PR.
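A sketch of the fallback proposed above, as an added example rather than the package's own code: `NormalizedAuth0User` is a hypothetical stand-in for `Auth0ResourceOwner`, and the sample responses are constructed. It reads `user_id` first, then `sub` (the standard OIDC subject claim), and refuses to return an empty identifier, since the empty `getId()` results reported in the issues above would otherwise flow into account lookups.

```php
<?php
declare(strict_types=1);

// Added example: hypothetical stand-in for the package's Auth0ResourceOwner.
final class NormalizedAuth0User
{
    /** @var array<string,mixed> */
    private array $response;

    public function __construct(array $response)
    {
        $this->response = $response;
    }

    /** user_id is the key the package reads; sub is the OIDC subject claim. */
    public function getId(): string
    {
        foreach (['user_id', 'sub'] as $key) {
            $value = $this->response[$key] ?? null;
            if (is_string($value) && $value !== '') {
                return $value;
            }
        }
        // Fail closed: an empty id must never become an account lookup key.
        throw new UnexpectedValueException('Profile has neither user_id nor sub');
    }

    public function getName(): ?string
    {
        $name = $this->response['name'] ?? null;
        return is_string($name) && $name !== '' ? $name : null;
    }
}

// Constructed responses, not captured from a real tenant.
$samples = [
    'sub only'        => ['sub' => 'auth0|constructed-123'],
    'sub and name'    => ['sub' => 'auth0|constructed-123', 'name' => 'Ada Example'],
    'legacy user_id'  => ['user_id' => 'auth0|constructed-123', 'name' => 'Ada Example'],
    'empty response'  => [],
];
foreach ($samples as $label => $response) {
    $user = new NormalizedAuth0User($response);
    try {
        printf("%s: id=%s name=%s\n", $label, $user->getId(), $user->getName() ?? '(none)');
    } catch (UnexpectedValueException $e) {
        printf("%s: rejected (%s)\n", $label, $e->getMessage());
    }
}
```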
