kerkmann/leptos_oidc
1
0
Fork 0
Code Issues 8 Pull requests 1 Projects Releases Packages Wiki Activity

Auth0 is not sending refresh_token without the offline_access scope #8

New issue
Open
opened 2024-03-29 20:45:01 +00:00 by kerkmann · 4 comments
kerkmann commented 2024-03-29 20:45:01 +00:00 (Migrated from gitlab.com)
Copy link

ACCs:

  • Update the documentation to make it more clear.
  • Make the refresh_token optional.
ACCs: - Update the documentation to make it more clear. - Make the `refresh_token` optional.
kerkmann commented 2024-05-02 23:30:40 +00:00 (Migrated from gitlab.com)
Copy link

changed the description

changed the description
aleeve commented 2024-05-05 20:14:30 +00:00 (Migrated from gitlab.com)
Copy link

Hi! Thanks for some really nice software!

I was using it with auth0 but after upgrading to 0.7 and the new openid configuration flow I've been having some problems. For me auth0 doesn't include the "end_session_endpoint" field, seems like a common issue: https://community.auth0.com/t/how-to-set-up-end-session-endpoint/105606

I worked around that by setting up a proxy that adds the v2/logout url as this missing field, and providing this proxy as the issuer field to you configuration. It didn't look like you use the 'parameters.issuer' after getting the json with the details. With that I can get an valid token when inspecting the traffic. But the token doesn't appear to be set so my components are still in the unauthenticated state.

Any suggestion on how to set this up with 0.7 and auth0? If you already got it working that is..

Example of missing end_session_endpoint:
https://dev-qcuxgjrapycf5ib4.us.auth0.com/.well-known/openid-configuration

Hi! Thanks for some really nice software! I was using it with auth0 but after upgrading to 0.7 and the new openid configuration flow I've been having some problems. For me auth0 doesn't include the "end_session_endpoint" field, seems like a common issue: https://community.auth0.com/t/how-to-set-up-end-session-endpoint/105606 I worked around that by setting up a proxy that adds the v2/logout url as this missing field, and providing this proxy as the issuer field to you configuration. It didn't look like you use the 'parameters.issuer' after getting the json with the details. With that I can get an valid token when inspecting the traffic. But the token doesn't appear to be set so my components are still in the unauthenticated state. Any suggestion on how to set this up with 0.7 and auth0? If you already got it working that is.. Example of missing end_session_endpoint: https://dev-qcuxgjrapycf5ib4.us.auth0.com/.well-known/openid-configuration
aleeve commented 2024-05-05 21:29:42 +00:00 (Migrated from gitlab.com)
Copy link

Added offline_access to scope and now it works like a charm.. Sorry I can't read..

Thanks again!

Added offline_access to scope and now it works like a charm.. Sorry I can't read.. Thanks again!
mh84 commented 2024-05-12 22:04:44 +00:00 (Migrated from gitlab.com)
Copy link

mentioned in issue #10

mentioned in issue #10
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
v0.7.0
v0.6.1
v0.6.0
v0.5.0
v0.4.1
v0.4.0
v0.3.0
v0.2.2
v0.2.1
v0.2.0
v0.1.1
v0.1.0
Labels
Clear labels   
WIP
No labels
WIP
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
kerkmann/leptos_oidc#8
No description provided.