auth0

CORS failure in with Python Falcon even with heads for Auth Pre-Flight

核能气质少年 提交于 2019-12-10 10:44:25
问题 Receiving these error when using the OPTIONS verb in Angular2 http.get(url, options), even though the appropriate CORS headers are set in Falcon Rest API. XMLHttpRequest cannot load http://localhost:8000/names. Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response. resp.set_header("Access-Control-Allow-Origin", "*") resp.set_header("Access-Control-Allow-Credentials", "true") resp.set_header("Access-Control-Allow-Methods", "GET,HEAD,OPTIONS

Verifying Auth0 JWT throws invalid algorigthm

只愿长相守 提交于 2019-12-10 04:17:24
问题 I have created an Auth0 client, I am logging in and receive this token: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik1rVkdOa1l5T1VaQ1JqTkRSVE5EUmtNeU5rVkROMEUyUTBVMFJrVXdPVEZEUkVVNU5UQXpOZyJ9.eyJpc3MiOiJodHRwczovL3RvdGFsY29tbW56LmF1LmF1dGgwLmNvbS8iLCJzdWIiOiJnb29nbGUtb2F1dGgyfDEwMzI5NzA4OTYyMTk5NjUwMjY2MiIsImF1ZCI6ImxTWUtXMUZZdENkMWJLQmdXRWN0MWpCbmtDU3R2dW5SIiwiaWF0IjoxNTA5ODYyMTI1LCJleHAiOjE1MTAyMjIxMjV9.kjmckPxLJ4H9R11XiBBxSNZEvQFVEIgAY_jj2LBy4sEJozBB8ujGE7sq9vEIjMms

How to properly handle a JWT refresh?

十年热恋 提交于 2019-12-10 03:39:48
问题 I have an android app. It connects with a REST API developed with Jersey . My REST End points are secured with Tokens. Below is how I generate them. Algorithm algorithm = Algorithm.HMAC256(secret); String token = JWT.create() .withClaim("userName","myusername) .withExpiresAt(expirationDate) .sign(algorithm); Below is how I validate the token public boolean validateTokenHMAC256(String token, String secret) throws UnsupportedEncodingException, JWTVerificationException { Algorithm algorithm =

Cookies with a SameSite policy enforced are blocked in iOS 12 for SSO flows involving cross-origin requests

旧城冷巷雨未停 提交于 2019-12-09 16:51:06
问题 Summary: Third party login breaks in iOS / OS 12! We have a common login that works across multiple websites. This is working fine in Firefox, Chrome and Safari on Windows, macOS and iOS. But with iOS 12 and macOS 12, it seems cookies are no longer working from auth0 login window to our login API. It has stopped working not just in Safari, but on iOS 12 also in Chrome and Firefox (it still works in Chrome on Mac OS 12). I suspect this has to do with Intelligent Tracking Prevention 2.0, but I

XCTestCase with Auth0: How to dismiss security alert “XXXX” Wants to Use “auth0.com” to Sign In

試著忘記壹切 提交于 2019-12-08 19:42:13
问题 So recently Apple introduced this prompt: “XXXX” Wants to Use “auth0.com” to Sign In Where “XXXX” is the ios app name. This alert/dialog comes up when in the case of Auth0 the user clicks on “Login with Google” or “Login with Facebook”. That’s all nice but when running IOS UI tests, this dialog doesn’t go away when using the usual way of dismissing system dialogs: func doUserLogin(_ app: XCUIApplication) { app.staticTexts["notLoggedInActivelabel"].tap() // this will bring up oauth0 login

Custom authentication integration with parse-server and auth0

牧云@^-^@ 提交于 2019-12-08 17:38:12
问题 I would like to use auth0.com in conjunction with the open source-parse server. My current approach is to obtain the token from auth0 by using their standard login through the Lock library for iOS. With that token I would like to call a custom authentication method on my parse-server, that checks whether the token is valid and if it is will log in the user. My problem is that there is almost no documentation on writing custom oauth for parse-server. So far, I have this code for my custom auth

Why my auth0 token expires when refreshing page or clicking link in my Angular app?

江枫思渺然 提交于 2019-12-08 05:09:50
问题 I'm setting up authentication in my Angular SPA. I'm using auth0 and I was going through a tutorial on their page: https://auth0.com/docs/quickstart/spa/angular2 I did login tutorial. import { Injectable } from '@angular/core'; import * as auth0 from 'auth0-js'; import { Router } from '@angular/router'; @Injectable({ providedIn: 'root' }) export class AuthService { userProfile: any; private _idToken: string; private _accessToken: string; private _expiresAt: number; auth0 = new auth0.WebAuth({

Auth0 and angular2: how to set callbackURL and catch the token?

杀马特。学长 韩版系。学妹 提交于 2019-12-08 03:28:13
问题 I am trying to implement passwordless authentication with Auth0 and angular2 (2.0.0-rc.6), using angular2-webpack-starter and auth0-lock-passwordless. The form displays normally, and the authentication e-mail is sent using this code: this.lock.magiclink({ callbackURL:"http://localhost:3000/#/sandbox" }); The issues occur after I click the magic link in the e-mail: Even though the redirect_uri of the magic link seems correct (redirect_uri=http%3A%2F%2Flocalhost%3A3000%2F%23%2Fsandbox), it is

Include user_metadata and app_metadata in JWT using Auth0

六眼飞鱼酱① 提交于 2019-12-08 01:01:49
问题 I am using Angular 2 and Auth0 for authentication on my web app. I am able to get the user profile using the following code: auth0 = new auth0.WebAuth({ domain: 'MY-DOMAIN', clientID: 'MY-CLIENT-ID', callbackURL: 'MY-CALLBACK', responseType: 'token id_token' }); Login: public login(username: string, password: string): void { this.auth0.client.login({ realm: 'Username-Password-Authentication', username, password }, (err: any, authResult: any) => { if (err) { alert('Error: ' + err.description);

Auth0 and angular2: how to set callbackURL and catch the token?

那年仲夏 提交于 2019-12-07 11:58:29
I am trying to implement passwordless authentication with Auth0 and angular2 (2.0.0-rc.6), using angular2-webpack-starter and auth0-lock-passwordless . The form displays normally, and the authentication e-mail is sent using this code: this.lock.magiclink({ callbackURL:"http://localhost:3000/#/sandbox" }); The issues occur after I click the magic link in the e-mail: Even though the redirect_uri of the magic link seems correct (redirect_uri=http%3A%2F%2Flocalhost%3A3000%2F%23%2Fsandbox), it is ignored; Instead, after a successful login (checked in Auth0 logs), the url in the address bar is
订阅 auth0