Hi guys, I'm building my SPA + Laravel backend platform.
This is what I have so far:

1. Can log in with my Vue.js SPA and get a JWT token from Auth0.
2. Request a protected route and test both cases:
   a - Valid success message when submitting provided token.
   b - Not authorized message (403) when submitting random Bearer string.
3. But…
   When decoding the JWT there is no useful info.

Would you point some working example for this flow?
How can I get authenticated user info?
Next I will share my unsuccessful attempt.
Taking this and adding some modifications, this is the route I have:
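```php
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;

Route::get('/getAuth0User', function (Request $request) {
    // Token from the query string or the Authorization header.
    $jwt = $_GET['token'] ?? $_SERVER['HTTP_AUTHORIZATION'] ?? $_SERVER['Authorization'] ?? null;
    if ($jwt !== null) {
        // Trim whitespace from token string.
        $jwt = trim($jwt);
        if (substr($jwt, 0, 7) === 'Bearer ') {
            $jwt = substr($jwt, 7);
        }
        $token = $jwt;
        $tokenParts = explode(".", $token);
        // JWT segments are base64url-encoded: map to the standard alphabet before decoding.
        $tokenHeader = base64_decode(strtr($tokenParts[0], '-_', '+/'));
        $tokenPayload = base64_decode(strtr($tokenParts[1], '-_', '+/'));
        // Dump the decoded payload (decoding only; the route is gated by auth0.authorize).
        dd($tokenPayload);
    }
})->middleware(['auth0.authorize']);
```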
dd provides something like:
```json
{
  "iss": "https://dev-ezn7tyz.us.auth0.com/",
  "sub": "google-oauth2|11028787487949742512",
  "aud": [
    "https://dev.w.lalal.cial",
    "https://dev-ez67tz.us.auth0.com/userinfo"
  ],
  "iat": 1657477224,
  "exp": 1657563624,
  "azp": "6qqkwbmK1OKqwrSE9Y6JBiiHCXEsIaJd",
  "scope": "openid profile email"
}
```
This does not make any sense to me.
How can I get useful data?
Any feedback would be great!
Regards.
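
What the payload in the post carries, as an added example that is not part of the original post: the access token identifies the user (`sub`) and what the token is for (`aud`, `scope`), while profile fields are served by the `/userinfo` endpoint listed in `aud`. The function names and the sample token are constructed for illustration.

```php
<?php
// Added example (PHP 8+). Decoding reads claims only; it does not verify the signature.

/** Decode one base64url JWT segment into an array, or null if malformed. */
function decodeSegment(string $segment): ?array
{
    $b64 = strtr($segment, '-_', '+/');
    $b64 .= str_repeat('=', (4 - strlen($b64) % 4) % 4);
    $raw = base64_decode($b64, true);
    $data = $raw === false ? null : json_decode($raw, true);
    return is_array($data) ? $data : null;
}

/** Summarise what an access-token payload does and does not say about the user. */
function describeAccessToken(string $jwt, int $now): ?array
{
    $parts = explode('.', $jwt);
    if (count($parts) !== 3 || ($claims = decodeSegment($parts[1])) === null) {
        return null;
    }
    $sub = is_string($claims['sub'] ?? null) ? $claims['sub'] : '';
    $scope = is_string($claims['scope'] ?? null) ? $claims['scope'] : '';
    [$provider, $userId] = array_pad(explode('|', $sub, 2), 2, null);
    $userinfo = array_values(array_filter(
        (array) ($claims['aud'] ?? []),
        fn ($aud) => is_string($aud) && str_ends_with($aud, '/userinfo')
    ));
    return [
        'provider' => $provider,
        'user_id' => $userId,
        'scopes' => preg_split('/\s+/', trim($scope), -1, PREG_SPLIT_NO_EMPTY),
        'expired' => ($claims['exp'] ?? 0) <= $now,
        'has_profile_claims' => isset($claims['email']) || isset($claims['name']),
        'userinfo_url' => $userinfo[0] ?? null,
    ];
}

// Constructed sample: payload values copied from the post; header and signature are placeholders.
$b64url = fn (array $a) => rtrim(strtr(base64_encode(json_encode($a)), '+/', '-_'), '=');
$payload = [
    'iss' => 'https://dev-ezn7tyz.us.auth0.com/',
    'sub' => 'google-oauth2|11028787487949742512',
    'aud' => ['https://dev.w.lalal.cial', 'https://dev-ez67tz.us.auth0.com/userinfo'],
    'iat' => 1657477224, 'exp' => 1657563624,
    'scope' => 'openid profile email',
];
$jwt = $b64url(['alg' => 'RS256', 'typ' => 'JWT']) . '.' . $b64url($payload) . '.constructed-signature';
print_r(describeAccessToken($jwt, 1657480000)); // $now is a constructed timestamp before exp
```

Requesting `userinfo_url` with the same token in an `Authorization: Bearer` header returns the profile claims allowed by the `openid profile email` scopes.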