Problem loging in using Wordpress Plugin

Hello,

When im trying to login using the Wordpress plugin I can see in the Auth0 dashboard logs that everything is working fine, but in Wordpress im getting this error:

Warning : openssl_verify(): supplied key param cannot be coerced into a public key in /path/to/wordpress/wp-content/plugins/auth0/lib/php-jwt/Authentication/JWT.php on line 186

You have logged in successfully, but there is a problem accessing this site: Invalid ID token (no algorithm) [error code: unknown]

I have the exact same settings in my local environment and there it seems to be working just fine. Am i doing something wrong or this is a known bug?

Hi @DigitalNatives … sorry for the trouble here.

I’ve seen that error pop up now and then and it’s typically related to server configuration. It’s saying that the certificate it’s getting is not valid for ID token decoding. That certificate is generated here:

https://github.com/auth0/wp-auth0/blob/master/lib/WP_Auth0_Api_Client.php#L786

… and correct for what OpenSSL wants.

Is your token algorithm in WordPress set to the same one as Auth0? wp-admin > Auth0 > Settings > Basic tab for WordPress, Auth0 Dashboard > Application settings > Advanced (at the bottom) > OAuth tab > JsonWebToken Signature Algorithm for Auth0? And is that set to HS256 or RS256?

Might be worth pinging your host with this question as well.

2 Likes

Hi @josh.cunningham it seems like OpenSSL is not correctly installed/configured on our server. Switching from RS256 to HS256 works fine! Thank you! :slight_smile:

Glad you got it figured out and thanks for checking back in! It would be worth it to investigate what’s going wrong as RS256 is the setting we recommend. Good explanation here:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.