I used the quick start “Ruby On Rails API: Authentication” successfully. Created an API and everything works just fine. Then I tried to recreate the code but including all this on an existing Rails app and got an error.
The demo (working for me before) include this call to the JWT gem:
JWT.decode(token, nil, true, # Verify the signature of this token algorithm: "RS256", iss: "https://" + ENV["AUTH0_DOMAIN"], verify_iss: true, aud: ENV["AUTH0_AUDIENCE"], verify_aud: true)
The second parameter with
nil assigned, in the demo works, but in my project leads me to a JWT Error, understanding that the parameter used for
public_key shouldn’t be null. But it’s null in the demo and works. I’m kind of a newbie with JWT matters.
The only difference I found between the environments of the demo and my legacy project was the Rails version, 5 in the demo, and 4.x on mine. I can’t upgrade right now, so if you think in another thing I can be doing wrong it would be helpful.