I’m a beginner in Auth0 and few days ago made iPhone app which use Auth0 login following the tutorial.
It was succeed so I could got accessToken and idToken successfully.
Just after that I tried to create nodejs server for API of that app with Auth0 jwt.
I followed the Auth0 tutorial this time too, and succeed to get 200 response with test access token from Auth0 API.
But my problem is when I request API on iPhone app with token, node server throw an exception.
If I send accessToken it throw UnauthorizedError: jwt malformed, and I found that the mobile accessToken has completely different format than the example accessToken.
UnauthorizedError: jwt malformed
at /Volumes/Work/Work/NodeJS/GeoServer/GeoServer/node_modules/express-jwt/lib/index.js:102:22
at Object.module.exports [as verify] (/Volumes/Work/Work/NodeJS/GeoServer/GeoServer/node_modules/jsonwebtoken/verify.js:63:12)
at verifyToken (/Volumes/Work/Work/NodeJS/GeoServer/GeoServer/node_modules/express-jwt/lib/index.js:100:13)
at fn (/Volumes/Work/Work/NodeJS/GeoServer/GeoServer/node_modules/async/lib/async.js:746:34)
at /Volumes/Work/Work/NodeJS/GeoServer/GeoServer/node_modules/async/lib/async.js:1213:16
at /Volumes/Work/Work/NodeJS/GeoServer/GeoServer/node_modules/async/lib/async.js:166:37
at /Volumes/Work/Work/NodeJS/GeoServer/GeoServer/node_modules/async/lib/async.js:706:43
at /Volumes/Work/Work/NodeJS/GeoServer/GeoServer/node_modules/async/lib/async.js:167:37
at Immediate.<anonymous> (/Volumes/Work/Work/NodeJS/GeoServer/GeoServer/node_modules/async/lib/async.js:1206:34)
at runCallback (timers.js:705:18)
And if I send idToken, the malformed exception is gone, but I got another error in this time.
Error: getaddrinfo ENOTFOUND undefined undefined:443
at GetAddrInfoReqWrap.onlookup [as oncomplete] (dns.js:57:26)
I’m working this part in several days but haven’t found the solution yet.
Please give me any help to fix this issue.
Following is the node server codes.
import express from 'express';
import jwt from 'express-jwt';
import jwksRsa from 'jwks-rsa';
import cors from 'cors';
import bodyParser from 'body-parser';
const app = express();
app.use(cors());
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({
extended: true
}));
const port = 3000
// Create middleware for checking the JWT
const jwtCheck = jwt({
// Dynamically provide a signing key based on the kid in the header and the singing keys provided by the JWKS endpoint.
secret: jwksRsa.expressJwtSecret({
cache: true,
rateLimit: true,
jwksRequestsPerMinute: 5,
jwksUri: `https://${process.env.AUTH0_DOMAIN}/.well-known/jwks.json`
}),
// Validate the audience and the issuer.
audience: process.env.AUTH0_AUDIENCE,
issuer: `https://${process.env.AUTH0_DOMAIN}`,
algorithms: ['RS256']
});
app.use(jwtCheck);
const locationHistory: any[] = [];
app.get('/', (req, res) => res.send('Hello World!'))
app.post('/api/location', (req, res) => {
locationHistory.push({latitude: req.body.latitude, longitude: req.body.longitude});
res.send(locationHistory);
})
app.listen(port, () => console.log(`API server is listening on port ${port}!`))
