
auth0-bundle's People

Contributors

amenophis, clemherreman, magnusnordlander, morticue, nicholasruunu, nyholm, pgrimaud

auth0-bundle's Issues

composer installation error

Thanks for this, it looks great. Seeing an exception at install in Symfony 5.2

```
Executing script cache:clear [KO]
[KO]
Script cache:clear returned with error code 1
!!
!! In ArrayNode.php line 222:
!!
!! The child config "domain" under "happyr_auth0" must be configured.
!!
!!
!!
```

All auth0-php classes are final and should not be declared as lazy services

Hi @Nyholm,
I encountered an issue when trying this bundle: in [email protected], every class is final.
In my project, I got the symfony/proxy-manager-bridge component installed. As you declared services as lazy in the configuration, it ends up with the following error:
ProxyManager\Exception\InvalidProxiedClassException: Provided class "Auth0\SDK\API\Authentication" is final and cannot be proxied

Do you think we can simply remove the lazy services configuration?
If that's OK for you, I will push a PR.

Unusable in Symfony Framework 6+

Hi there,

I want to use this within API platform which currently uses Symfony v6 components. I noticed that the bundle is labelled working for 5 but not for 6 but thought I would try it. As expected it's not working but I have forked the project and begun to make a branch that is compatible with 6.0 but it will break backwards compatibility. I have yet to test this so it's a bit of a draft for now.

You can find the branch here - https://github.com/chrisl-peopleplus/auth0-bundle/tree/symfony-6.

As soon as I am confident it's working I'll submit a PR

No user_id in userinfo response

Hi @Nyholm,
Inside the Auth0Authenticator::authenticate method, there is a call to Auth0\SDK\API\Authentication::userinfo from access_token to retrieve user information.
In the case of social_login, the payload doesn't contain a user_id key, and the UserBadge can't be constructed, resulting in an exception.

Configuring Auth0 SdkConfiguration arguments

Hi @Nyholm,
auth0-php:@8.0.0-BETA1 fails to issue a login link without defining the cookieSecret parameter for SdkConfiguration (although it is defined as optional in code and documentation).
The configuration injected into the SdkConfiguration $configuration argument is fixed in the ConfigurationProvider service declaration.
How can we allow all available configuration to be defined?

  • Take a free array in the bundle configuration and let auth0 do the validation?
  • Specify every SdkConfiguration constructor argument explicitly in the bundle configuration, to validate that everything is well configured before passing the arguments to the auth0 configuration?

What do you think?

Unable to install on Symfony 5.3 - `psr/log` is locked to version ^1

Created new Symfony 5.3 project, tried to install the bundle and got this error message:

```
  Problem 1
    - Root composer.json requires happyr/auth0-bundle ^0.8.1 -> satisfiable by happyr/auth0-bundle[0.8.1].
    - happyr/auth0-bundle 0.8.1 requires psr/log ^1.0 -> found psr/log[1.0.0, ..., 1.1.4] but the package is fixed to 2.0.0 (lock file version) by a partial update and that version does not match. Make sure you list it as an argument for the update command.
```

Is there any particular reason to lock psr/log to version ^1?

Example Symfony config

This is my config.

I post it here for reference. Maybe we should add it to the docs.

```yaml
happyr_auth0:
    sdk:
        domain: '%env(AUTH0_DOMAIN)%'
        customDomain: '%env(AUTH0_LOGIN_DOMAIN)%'
        clientId: '%env(AUTH0_CLIENT_ID)%'
        clientSecret: '%env(AUTH0_SECRET)%'
        tokenCache: 'cache.redis'
        managementTokenCache: 'cache.redis'
        cookieSecret: '%kernel.secret%'
        transientStorage: 'auth0.storage.transient'
        sessionStorage: 'auth0.storage.session'
        scope:
            - openid # "openid" is required.
            - profile
            - email
    firewall:
        check_route: default_login_check
        failure_path: default_logout
        default_target_path: startpage

services:
    auth0.sdk_cookie_config:
        class: Auth0\SDK\Configuration\SdkConfiguration
        arguments:
            - cookieSecret: '%kernel.secret%'
              domain: '%env(AUTH0_DOMAIN)%'
              customDomain: '%env(AUTH0_LOGIN_DOMAIN)%'
              clientId: '%env(AUTH0_CLIENT_ID)%'
              clientSecret: '%env(AUTH0_SECRET)%'

    auth0.storage.cookie_transient:
        class: Auth0\SDK\Store\CookieStore
        factory: ['@auth0.sdk_cookie_config', 'getTransientStorage']

    auth0.storage.cookie_session:
        class: Auth0\SDK\Store\CookieStore
        factory: ['@auth0.sdk_cookie_config', 'getSessionStorage']

    auth0.storage.transient:
        class: Auth0\SDK\Store\Psr6Store
        arguments: ['@auth0.storage.cookie_transient', '@cache.redis']

    auth0.storage.session:
        class: Auth0\SDK\Store\Psr6Store
        arguments: ['@auth0.storage.cookie_session', '@cache.redis']

when@test:
    services:
        test.auth0.session_storage:
            class: Auth0\SDK\Store\MemoryStore

        test.auth0.transient_storage:
            class: Auth0\SDK\Store\MemoryStore

    happyr_auth0:
        sdk:
            transientStorage: test.auth0.transient_storage
            sessionStorage: test.auth0.session_storage
```

Add a JWT decoder for Auth0

Hey there,

I was planning to use this bundle as a way to grab and confirm a JWT token issued by Auth0 and can see that this is not really supported in the current codebase. I've been able to get a very basic version of this up and running by supplying an encoder to the LexikJWTBundle and wondered if you would want this added to the bundle as an optional extra?

Let me know your thoughts and then I can look to making the code below actually work with the bundle.

The encoder would look something like this (untested):

```php
<?php

namespace App\Encoder;

use Auth0\SDK\Configuration\SdkConfiguration;
use Auth0\SDK\Exception\InvalidTokenException;
use Auth0\SDK\Token;
use Lexik\Bundle\JWTAuthenticationBundle\Encoder\JWTEncoderInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;

class Auth0JWTEncoder implements JWTEncoderInterface
{
    private SdkConfiguration $sdkConfiguration;

    public function __construct(SdkConfiguration $sdkConfiguration)
    {
        $this->sdkConfiguration = $sdkConfiguration;
    }

    public function encode(array $data)
    {
        // Not needed (tokens are issued by Auth0), but required by the interface.
        // Fail loudly instead of silently returning null.
        throw new \LogicException('Encoding is not supported; tokens are issued by Auth0.');
    }

    public function decode($token): array
    {
        $auth0TokenVerifier = $this->createTokenVerifier($token);
        try {
            // Check the signature first, then validate the claims.
            $auth0TokenVerifier->verify();
            $auth0TokenVerifier->validate();
        } catch (InvalidTokenException $e) {
            // Surface any SDK token failure as a Symfony authentication failure.
            throw new AuthenticationException('Invalid Auth0 token', 0, $e);
        }

        return $auth0TokenVerifier->toArray();
    }

    // Wraps the raw JWT in the SDK's Token object, treated as an ID token.
    private function createTokenVerifier(string $token): Token
    {
        return new Token($this->sdkConfiguration, $token, Token::TYPE_ID_TOKEN);
    }
}
```
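
An added example (not part of the original issue or the bundle's code) of what a decoder like the one proposed above has to enforce: the signature is checked before any claim is trusted, then `iss`, `aud` and `exp`. It uses HS256 with a constructed secret so that it runs offline; `verifyJwt()`, the helper names, the issuer and both audience values are assumptions made for illustration.

```php
<?php
// Added example. Function names, secret, issuer and audiences are constructed.
function b64url(string $bin): string
{
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}
function b64urlDecode(string $txt): string
{
    $pad = (4 - strlen($txt) % 4) % 4;
    return (string) base64_decode(strtr($txt, '-_', '+/') . str_repeat('=', $pad));
}
function verifyJwt(string $jwt, string $secret, string $iss, string $aud, int $now): array
{
    $parts = explode('.', $jwt);
    if (3 !== count($parts)) {
        throw new UnexpectedValueException('malformed token');
    }
    [$h, $p, $s] = $parts;
    // Pin the algorithm on the server side; never let the token choose it.
    $header = json_decode(b64urlDecode($h), true);
    if ('HS256' !== ($header['alg'] ?? null)) {
        throw new UnexpectedValueException('unexpected alg');
    }
    // 1. Signature, compared in constant time, before any claim is trusted.
    if (!hash_equals(hash_hmac('sha256', "$h.$p", $secret, true), b64urlDecode($s))) {
        throw new UnexpectedValueException('bad signature');
    }
    // 2. Claims: issuer, audience (string or list), expiry.
    $c = json_decode(b64urlDecode($p), true);
    if (!is_array($c) || ($c['iss'] ?? null) !== $iss
        || !in_array($aud, (array) ($c['aud'] ?? []), true)
        || !is_int($c['exp'] ?? null) || $c['exp'] <= $now) {
        throw new UnexpectedValueException('claim check failed');
    }
    return $c;
}

// Constructed access token: "aud" is the API identifier, not the client ID.
[$secret, $now] = ['constructed-demo-secret', 1700000000];
$h = b64url(json_encode(['alg' => 'HS256', 'typ' => 'JWT']));
$p = b64url(json_encode(['iss' => 'https://tenant.example/', 'sub' => 'google-oauth2|123',
    'aud' => 'https://api.example/', 'exp' => $now + 3600]));
$jwt = "$h.$p." . b64url(hash_hmac('sha256', "$h.$p", $secret, true));
var_dump(verifyJwt($jwt, $secret, 'https://tenant.example/', 'https://api.example/', $now)['sub']);
// The same token checked against the client ID (the ID-token audience) must fail.
try {
    verifyJwt($jwt, $secret, 'https://tenant.example/', 'constructed-client-id', $now);
} catch (UnexpectedValueException $e) {
    echo $e->getMessage(), PHP_EOL;
}
```

The second call fails because an access token's `aud` names the API, while an ID token's `aud` is the client ID, so the token type a verifier is configured for decides which tokens it accepts.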
