Updating to Auth0 lock v.11.0.1 (OIDC conformance)#8
Conversation
…API. Passing both idToken and accessToken to AWS, since jwt requires idToken and OIDC conformant GET /usernfo requires accessToken.
…oken is needed for jwt verification and access token to access OIDC conformant Auth0 API /userinfo
|
Well the changes done by maxi works like a charm..thanks..!! |
|
@maxipesfix @pmrubenrao Hello, may I ask some questions? I used the code of maxipesfix, but I still could not success. I would like to know why. After logging in, both ID token and access token were obtained, but the user-profile still reported CORS error. I have tried to resolve the issue for weeks, but I have not been able to find a solution. |
|
cant comment without looking into the code. |
|
@pmrubenrao Thank you for your reply. Please forgive me for my bad English. I’m a student, I do not have deep skills, so I want to follow this book to learn and do some demos. Maybe the books content are out of date , I'm always in trouble. At first, I followed the progress of the book to study Chapter 5, but I found no way to implement it. Later, I followed the issues to make modifications, but I still could not solve it, as CORS exceptions would always appear. I try to test lambda function. Because many contents of the book are out of date, I have been confused for a long time unable to deal with, so I take the liberty to ask you questions, thank you in advance. |
|
I do face these issues while replicating this module. |
|
Thank you so much for solving my problem. I've been trying to make changes in the module again and again, but I've never added accessToken in the header. |
Since I wasn't able to make the original example work with Auth0Lock v.9 I updated the code of user-controller.js, Lambda, and Gateway API mapping to be conforming to Auth0Lock v.11.0.1 (OIDC).
Specifically the changes stem from the new API for user profile: /userinfo, which uses accessToken instead of idToken. Therefore I modified the js to pass both idToken and accessToken to Lambda, since idToken is still needed for jwt.
https://auth0.com/docs/api/authentication#user-profile