Hey folks,
I’m back banging my head trying to get auth0 to play nicely with my Laravel app. All I want to use auth0 for is the login. User management is happening entirely within the app, so on login I want to check what comes back from auth0.
I’m not using the Laravel specific package for that reason. I want more granular control so I’m using the PHP SDK.
I have my 2 routes defined like so:
Route::get('login', function () {
$auth0 = new Auth0([
'domain' => config('services.auth0.domain'),
'clientId' => config('services.auth0.client_id'),
'clientSecret' => config('services.auth0.client_secret'),
'cookieSecret' => 'c1XhulxTocmsvHIQ1tBOp7McazNhkZV7',
'redirectUri' => config('services.auth0.redirect')
]);
$auth0->clear();
header("Location: " . $auth0->login(config('services.auth0.redirect')));
})->name('login');
that does what it needs to and redirects to universal login.
UL then correctly redirects to https://wahfires.test/login/auth0/callback?code=xxx&state=xxx and https://wahfires.test/login/auth0/callback is set as the callback URL for the application in the dashboard)
That URL runs executes this logic
Route::get('login/auth0/callback', function () {
$auth0 = new Auth0([
'domain' => config('services.auth0.domain'),
'clientId' => config('services.auth0.client_id'),
'clientSecret' => config('services.auth0.client_secret'),
'cookieSecret' => 'c1XhulxTocmsvHIQ1tBOp7McazNhkZV7',
'redirectUri' => config('services.auth0.redirect')
]);
$auth0->exchange(config('services.auth0.redirect'), request('code'));
header("Location: " . \route('home'));
});
but this results in an invalid state exception. I’ve cleared cookies etc but with no joy. Mightily frustrated.
Can anyone help?