Hi,
I’m trying to implement a PopUp login with Lock v11 in my javascript app. It works: I can authorize and get user data. But only on login. If I try to refresh the token with lock.checkSession() and use this token to call lock.getUserInfo() I get {"error":"unauthorized","error_description":"invalid credentials"}. I checked that the request send to https://restegourmet.eu.auth0.com/userinfo is the same except the new token.
What could be wrong?
Here is my complete code. O call rg_auth0.init() on page load.
rg_auth0 = {
lock: null,
init: function () {
this._init_lock();
this._init_events();
this.refresh_token();
},
refresh_token: function () {
this.lock.checkSession({}, function(err, authResult) {
if (err) {
console.log ("checkSession error", err, authResult);
return;
}
rg_auth0._get_user_info(authResult);
});
},
show_lock: function () {
this.lock.show();
},
_init_lock: function () {
this.lock = new Auth0Lock(
php_to_js.AUTH0_CLIENT_ID,
php_to_js.AUTH0_DOMAIN,
{
autoclose: true,
auth: {
redirect: false,
responseType: 'token',
audience: php_to_js.AUTH0_AUDIENCE
}
}
);
},
_init_events: function () {
// Listening for the authenticated event
this.lock.on("authenticated", function(authResult) {
rg_auth0._get_user_info(authResult);
});
},
_get_user_info: function (authResult) {
console.log ("_get_user_info", authResult);
rg_auth0.lock.getUserInfo(authResult.accessToken, function(error, profile) {
if (error) {
console.log ("getUserInfo error", error, profile);
return;
}
console.log("getUserInfo success", authResult, profile);
});
},
};