Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Auth0 OAuth 2: Unable to get id_token #901

Open
ebeers-png opened this issue Apr 8, 2024 · 3 comments
Open

Auth0 OAuth 2: Unable to get id_token #901

ebeers-png opened this issue Apr 8, 2024 · 3 comments

Comments

@ebeers-png
Copy link

Expected behaviour

I'm using the Auth0 OAuth2 backend. When I log in with a user account, the social-core pipeline should get a response containing an id_token along with the access token.

Actual behaviour

After logging in, I get an error during Auth0OAuth2.get_user_details() at jwt.decode():

DecodeError at /complete/auth0/: Invalid token type. Token must be a <class 'bytes'>.

This seems to happen because the response doesn't contain an id_token (it only has access_token, expires_at, and token_type).

What are the steps to reproduce this issue?

I'm implementing this in Django using social-app-django. My Auth0 app is a Regular Web App on a developer account, and changing the app's grant types and authentication method hasn't fixed the error. I have the following environment variables set:

SOCIAL_AUTH_AUTH0_KEY
SOCIAL_AUTH_AUTH0_SECRET
SOCIAL_AUTH_AUTH0_DOMAIN

To reproduce, implement the Auth0OAuth2 backend with the above settings, and log in with a user account.

Any other comments?

The docs have no documentation yet for setting up the Auth0 backend, so I'm not sure if there's an environment variable I'm missing. Any guidance on the proper setup would be greatly appreciated!

@shavi-euka
Copy link

I have the same issue. anyone came up with an solution? @ebeers-png did you able to fix it?

@ebeers-png
Copy link
Author

I have the same issue. anyone came up with an solution? @ebeers-png did you able to fix it?

No, I wasn't able to fix it, and I haven't looked at it since April. I think the fix would be to write an Auth0 backend from scratch instead of relying on the faulty existing one.

@shavi-euka
Copy link

@ebeers-png I was able to fix it up. all bellow json to other settings in your Provider Configuration (OAuth)
{ "AUTH_EXTRA_ARGUMENTS": { "scope": "openid profile email" }, "DOMAIN": "auth0 app domain" }

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

No branches or pull requests

2 participants