I have a project that uses auth0. I used the SPA react quickstart and that worked. Used the quickstart for the golang API. When the react SPA makes calls to the public endpoint, it works. but when the private endpoint is queried, I get the “JWT is missing” even though I attached it to the authorization header as a bearer token. Can someone please help me debug this issue? The JWT middleware has this issue.
Hey there!
I guess the best way to handle that would be to raise the issue in the qucikstart repo so we can work on that directly with the repo maintainers. Once you have a link to it you can share it here so we can ping them. Thank you!
1 Like
Having similar issues with the auth0/go-jwt-middleware package. When setting up the validator:
keyFunc := func(ctx context.Context) (interface{}, error) {
// Our token must be signed using this data.
return []byte("secret"), nil
}
// Set up the validator.
jwtValidator, err := validator.New(
keyFunc,
validator.RS256,
"https://xxxxx.us.auth0.com",
[]string{"https://xxxx.com"},
)
What is that secret suppose to be in the keyFunc function? When using RS256, there isn’t a secret key associated with it in the dashboard and there is no way to get the private key from the tenant server. The example from the repo uses HS256, which would work if you have an app that uses HS256. Can someone please advise on how to set up a jwt middleware auth for RS256?
@konrad.sopala, do you mean create an issue for this repo? GitHub - auth0/go-jwt-middleware: A Middleware for Go Programming Language to check for JWTs on HTTP requests
1 Like
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.