The id_token I get back seems to be working great. I can decode it or send it to my api however I believe using it in the authorization header is a bad practice.
The problem is the access_token I get back is invalid. I get this when trying to decode it →
[InvalidTokenError: Invalid token specified: JSON Parse error: Unexpected EOF]
Here is the access_token
Note: it is missing the payload
Here is my code:
const auth0ClientId = "dKqbEwC****************......";
const authorizationEndpoint = "https://dev-39brjlao.us.auth0.com/authorize";
const useProxy = Platform.select({ web: false, default: true });
const redirectUri = AuthSession.makeRedirectUri({ useProxy });
export default function Auth0() {
const [name, setName] = useState(null);
const [request, result, promptAsync] = AuthSession.useAuthRequest(
{
redirectUri,
clientId: auth0ClientId,
responseType: "token id_token",
scopes: ["openid", "profile"],
extraParams: {
nonce: "nonce",
},
},
{ authorizationEndpoint }
);
console.log(`Redirect URL: ${redirectUri}`);
useEffect(() => {
if (result) {
if (result.error) {
Alert.alert(
"Authentication error",
result.params.error_description || "something went wrong"
);
return;
}
if (result.type === "success") {
const id_token = result.params.id_token;
const access_token = result.params.access_token;
const decoded = jwtDecode(id_token);
const { name } = decoded;
SecureStore.setItemAsync('id_token', id_token);
SecureStore.setItemAsync('access_token', access_token);
setName(name);
}
}
}, [result]);