Wordpress plugin Auth0 access_token payload data is empty while decode jwt

vijayavel.rajasekara · December 23, 2022, 7:23pm

Trying to use Auth0 access_token as Bearer token for external api
but the jwt aud is not valid

In Angular by silent token receiving the below token
{
“iss”: “https://domain.auth0.com/”,
“sub”: “email|6333db8bfc6ca34660c6190e”,
“aud”: [
“https://domain.auth0.com/api/v2/”,
“https://domain.auth0.com/userinfo”
],
“iat”: 1671798414,
“exp”: 1671884814,
“azp”: “XXXXXXXXXXXXXXXXXXXXXXXXXXXXX”,
“scope”: “openid profile email offline_access”
}

In worpress from the hook i can able to get id_token and access token

function marketplace_hook_auth0_user_login($user_id, $userinfo, $is_new, $id_token, $access_token, $refresh_token)
{

update_user_meta($user_id, 'auth0_id_token', $id_token);
// update_user_meta($user_id, 'auth0_access_token', $access_token);

}
add_action(‘auth0_user_login’, ‘marketplace_hook_auth0_user_login’, 10, 6);

while decoding the access_token get the above screen shot payload empty.
so the access_token is getting jwt error

[body] => {“message”:“jwt audience invalid. expected: https://domain.auth0.com/api/v2/”}
[response] => Array
(
[code] => 401
[message] => Unauthorized
)

vijayavel.rajasekara · December 27, 2022, 12:31pm

Solved by using

add_action('auth0_authorize_url_params', 'authoParams', $priority = 10, $args = 1);
function authoParams($params)
{
    $opts = WP_Auth0_Options::Instance();
    $params['audience'] = 'https://' . $opts->get('domain') . '/api/v2/';

    return $params;
}

system · January 10, 2023, 12:32pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.