I used the quick start “Ruby On Rails API: Authentication” successfully. Created an API and everything works just fine. Then I tried to recreate the code but including all this on an existing Rails app and got an error.
The demo (working for me before) include this call to the JWT gem:
JWT.decode(token, nil,
true, # Verify the signature of this token
algorithm: "RS256",
iss: "https://" + ENV["AUTH0_DOMAIN"],
verify_iss: true,
aud: ENV["AUTH0_AUDIENCE"],
verify_aud: true)
The second parameter with nil
assigned, in the demo works, but in my project leads me to a JWT Error, understanding that the parameter used for public_key
shouldn’t be null. But it’s null in the demo and works. I’m kind of a newbie with JWT matters.
The only difference I found between the environments of the demo and my legacy project was the Rails version, 5 in the demo, and 4.x on mine. I can’t upgrade right now, so if you think in another thing I can be doing wrong it would be helpful.
DEMO in auth0: Auth0 Ruby On Rails API SDK Quickstarts: Authorization