Integrating Auth0 to Heroku

phu0n9 · September 8, 2021, 11:55am

Hi there,
First of all, thank you for creating this very cool product, it only takes me few minutes to integrate it into my project.
I have a big issue when integrating with Heroku. It works normally and very smoothly on my localhost but somehow I got “No authorization token was found” when clicking on my heroku app.
The normal behavior is when i entered “http://localhost:3000” and it will redirect to auth0 login. However when i entered my heroku app, it does not redirect and show “No authorization token was found”.
I found this answer and i have done the linking app to Heroku in both ways(addon on heroku and SSO integration) but it does not work: Auth0 Integration With Heroku - #6 by pleasehelp

Code i use in my Express Server

var jwtCheck = jwt({
    secret: jwks.expressJwtSecret({
        cache: true,
        rateLimit: true,
        jwksRequestsPerMinute: 5,
        jwksUri: process.env.JWKS_URI
  }),
  audience: process.env.JWT_AUDIENCE,
  issuer: process.env.JWT_ISSUER,
  algorithms: ['RS256']
})
app.get('/protected', jwtCheck,async (req, res) => {
    try{
        const accessToken = req.headers.authorization.split(' ')[1]
        const response = await axios.get(process.env.JWT_ISSUER+'userInfo',{
            headers:{
                authorization: `Bearer ${accessToken}`
            }
        })
        res.send(response.data)
    }
    catch(error){
        console.log(error.message)
    }
})

when i use

.unless({path: ['/']})

in the jwtCheck, when pushing to heroku it will show Not found

The React page configuration looks very the same as the tutorial, where the audience would be the my Express server audience

const Auth0ProviderWithHistory = ({ children }) => {
  const domain = process.env.REACT_APP_AUTH0_DOMAIN
  const clientId = process.env.REACT_APP_AUTH0_CLIENT_ID

  const history = useHistory()

  const onRedirectCallback = (appState) => {
    history.push(appState?.returnTo || window.location.pathname)
  }

  return (
    <Auth0Provider
      domain={domain}
      clientId={clientId}
      redirectUri={window.location.origin}
      onRedirectCallback={onRedirectCallback}
      audience={process.env.REACT_APP_AUTH0_AUDIENCE}
      scope={process.env.REACT_APP_AUTH0_SCOPE}
      useRefreshTokens={true}
    >
      {children}
    </Auth0Provider>
  )
}

export default Auth0ProviderWithHistory

Please helppppp

phu0n9 · September 12, 2021, 2:54pm

This is solved by deleting this jwtCheck function as this function is to check the user session key to protect the API. In above thing, I put this function in my server.js and use app.use(jwtCheck), it cannot find the authentication key, hence that error would appear.
Finally, this jwtCheck is only used for API protection only.
Please not making this stupid mistake like me

system · September 27, 2021, 2:55pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.