Skip to content

Commit

Permalink
Merge pull request #7 from tacomanator/master
Browse files Browse the repository at this point in the history
Fixes #6 removes auth0 hard coding in user_id (but defaults to auth0 if not present)
  • Loading branch information
LordZardeck authored Jun 20, 2017
2 parents ee93f0d + be32b9d commit 5261a38
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 5 deletions.
7 changes: 6 additions & 1 deletion Auth0Token.js
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ var Auth0Token = function() {
bodyInput = {
email: this.email,
iss: this.issuer,
sub: "auth0|" + this.userId,
sub: this.userId,
aud: this.clientId,
exp: now + 60 * 60 * 24 * 7,
iat: now
Expand All @@ -21,6 +21,11 @@ var Auth0Token = function() {
? { b64: jsrassign.b64utob64(this.clientSecret) }
: this.clientSecret;

// provider should be included in userId, but assume auth0 if not
if (bodyInput.sub.split("|").length === 1) {
bodyInput.sub = "auth0|" + bodyInput.sub;
}

return (
"Bearer " + jsrassign.jws.JWS.sign(null, headerInput, bodyInput, secret)
);
Expand Down
8 changes: 4 additions & 4 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,10 @@ This project was created to help simplify testing our API with paw, authenticati

You will need your app's `clientId` and `clientSecret` in order to sign the token properly. You can get these from your dashboard.

You will also need your account's issuer, typically, `https://<accountName>.auth0.com/`.
You will also need your account's issuer, typically, `https://<accountName>.auth0.com/`.

> **IMPORTANT:** You _**MUST**_ include a trailing `/` in the issuer or it will not be valid
> The trailing slash `/` in the issuer may be required, depending on your setup
Finally, to login as a specific user, you will need their `userId` and thier `email`
Finally, to login as a specific user, you will need their `userId` (`email` is optional). The provider portion of the `userId` should be included.

To utlize the token, create a header, and as the value, use `Auth0 Authorization Token`
To utilize the token, create a header, and as the value, use `Auth0 Authorization Token`

0 comments on commit 5261a38

Please sign in to comment.