In laravel-auth0, the SDK is not exposed, so how can we renew tokens?

chris-workinggears · March 14, 2022, 2:03am

Please include the following information in your post:

Which SDK this is regarding: e.g. auth0-node
auth0/laravel-auth0
SDK Version: e.g. 2.29.0
6.5
Platform Version: e.g. Node 12.19.0
PHP8.1

Currently, as far as I can see, its impossible using the laravel-auth0 library to renew tokens.

Primary question
How do I issue a renew token request via laravel-auth0?

Notes:

I can access the refresh token
I have offline_access as a scope, and its enabled in the API
I can login/register
I can access the access token and correctly validate it

I’ve gone through all the source code, line by line, trying to figure this out.

The only way I can do it is by modifying the source (obviously not a solution).

In vendor/auth0/login/src/Auth0/Login/Auth0Service.php
If I add the following function, it works.

    public function renewTokens()
    {
        return $this->getSDK()->renewTokens();
    }

The alternative would be to construct a new SDK (new Auth0($config)), but I feel like a) that is a lot of duplicated code and is b) fragile making sure the two are in sync.
I also am not confident that would work as the whole provider is wrapped in a singleton, so creating a second seems to break that abstraction.

There is a beta (non production) version of the laravel lib, which does expose the SDK:
https://github.dev/auth0/laravel-auth0/tree/main/src

The beta is general looks like its doing a lot more than 6.5 in general, but can’t be used because its not production ready.

I’m a little surprised people haven’t hit this before? Renewing tokens would be pretty common? Unless I’m missing something painfully obvious…

chris-workinggears · March 16, 2022, 3:54am

This was answered via the issue tracker.
In short, no, its not exposed in v6.5 There doesn’t appear to be a clear way in a stateful laravel app to renew tokens and we should wait until v7 is available

github.com/auth0/laravel-auth0

Cannot renew tokens, the SDK is not exposed

opened 11:31PM - 15 Mar 22 UTC

closed 11:36PM - 15 Mar 22 UTC

chrisk-7777

triage

### SDK Version 6.5 ### PHP Version PHP 8.1 ### Composer Version 2.x ### W…hat happened? Currently, as far as I can see, its impossible using the laravel-auth0 library to renew tokens. Primary question How do I issue a renew token request via laravel-auth0? Notes: I can access the refresh token I have offline_access as a scope, and its enabled in the API I can login/register I can access the access token and correctly validate it I’ve gone through all the source code, line by line, trying to figure this out. The only way I can do it is by modifying the source (obviously not a solution). In vendor/auth0/login/src/Auth0/Login/Auth0Service.php If I add the following function, it works. ``` public function renewTokens() { return $this->getSDK()->renewTokens(); } ``` The alternative would be to construct a new SDK (new Auth0($config)), but I feel like a) that is a lot of duplicated code and is b) fragile making sure the two are in sync. I also am not confident that would work as the whole provider is wrapped in a singleton, so creating a second seems to break that abstraction. There is a beta (non production) version of the laravel lib, which does expose the SDK: https://github.dev/auth0/laravel-auth0/tree/main/src The beta is general looks like its doing a lot more than 6.5 in general, but can’t be used because its not production ready. I’m a little surprised people haven’t hit this before? Renewing tokens would be pretty common? Unless I’m missing something painfully obvious… ### How can we reproduce this issue? Try to renew a token with `app('auth0')->renewTokens()` ### Additional context _No response_

konrad.sopala · March 16, 2022, 1:44pm

Thanks for sharing it with the rest of community!