I use a post-login action to add some user meta to the token.
Here’s how I receive and handle the token:
const isAuthenticated = await client.isAuthenticated();
let token;
if (isAuthenticated) {
try {
token = await client.getTokenSilently({aud: 'https://example'});
return {
token,
header: JSON.parse(atob(token.split('.')[0])),
payload: JSON.parse(atob(token.split('.')[1]))
}
} catch(e) { window.location.reload(); }
}
This has always worked, but fails if I add the user’s picture to the custom claim:
const customClaim = {
picture: event.user.picture
};
api.accessToken.setCustomClaim('example.user', customClaim);
That results in an error from atob()
about an invalid character. Why should this be so?
I can solve the problem by URL-encoding the picture URL, but I’m interested what’s up here.
Thank you in advance.