fix: remove default auth0 audience (#239)
kazazes authored and pi0 committed Sep 10, 2018
1 parent 398a515 commit abfa084
Showing 3 changed files with 15 additions and 8 deletions.
11 changes: 8 additions & 3 deletions docs/providers/auth0.md
Expand Up @@ -11,7 +11,8 @@ auth: {
strategies: {
auth0: {
domain: 'domain.auth0.com',
client_id: '....'
client_id: '....',
audience: 'https://my-api-domain.com/'
}
}
}
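Review bot: the added `audience: 'https://my-api-domain.com/'` line in the sample config reads as if the option is always set, while the section further down says it is only needed when the tenant has no default audience. A short comment on that line saying the value is the identifier of the API defined in Auth0, and that it can be omitted when a tenant default exists, would keep the example and the prose in agreement.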
Expand All @@ -30,8 +31,12 @@ User will be redirected to a page like this:

💁 This provider is based on [oauth2 scheme](../schemes/oauth2.md) and supports all scheme options.

### Obtaining `client_id` and **`domain`**
### Obtaining `client_id`, `domain`, and `audience`

This options are **REQUIRED**. Your application needs some details about this client to communicate with Auth0. You can get these details from the Settings section for your client in the [Auth0 dashboard](https://manage.auth0.com).
`client_id` and `domain` are **REQUIRED**. Your application needs some details about this client to communicate with Auth0.

`audience` is required _unless_ you've explicitly set a default audience [on your Auth0 tenent](https://manage.auth0.com/#/tenant).

You can get your `client_id` and `domain` the Settings section for your client in the [Auth0 API dashboard](https://manage.auth0.com/#/applications). Your audience is defined on your [client's API](https://manage.auth0.com/#/apis).

<img align="center" src="https://cdn2.auth0.com/docs/media/articles/dashboard/client_settings.png">
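Review bot: the added paragraphs have two wording slips: "tenent" should be "tenant", and "You can get your `client_id` and `domain` the Settings section" is missing "from". The link labelled "Auth0 API dashboard" points at `#/applications`, so the label should say applications (or clients) to avoid confusion with the `#/apis` link in the next sentence. Since this commit removes the provider's default audience, it would also help to state here what a user sees when `audience` is left out and no tenant default is set.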
5 changes: 2 additions & 3 deletions lib/providers/auth0.js
Expand Up @@ -6,6 +6,5 @@ module.exports = function auth0 (strategy) {
authorization_endpoint: `https://${strategy.domain}/authorize`,
userinfo_endpoint: `https://${strategy.domain}/userinfo`,
scope: ['openid', 'profile', 'email'],
audience: strategy.domain
})
}
});
};
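Review bot: configurations that never set `audience` relied on the removed `audience: strategy.domain` default and will now send no audience at all, which is a behaviour change for existing users shipped under a `fix:` label. Consider a changelog or upgrade note, or a console warning when `strategy.audience` is unset, so the change is not silent. Separately, the closing lines switch from `})` / `}` to `});` / `};`, which is style churn unrelated to the fix; keep the file's existing no-semicolon style.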
7 changes: 5 additions & 2 deletions lib/schemes/oauth2.js
Expand Up @@ -70,8 +70,11 @@ export default class Oauth2Scheme {
client_id: this.options.client_id,
redirect_uri: this._redirectURI,
scope: this._scope,
audience: this.options.audience,
state: randomString()
state: randomString(),
};

if (this.options.audience) {
opts.audience = this.options.audience;
}

this.$auth.$storage.setLocalStorage(this.name + '.state', opts.state)
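Review bot: the new `if (this.options.audience)` guard is a truthiness check, so an empty string is treated the same as an unset option; that is probably intended, but a one-line comment saying the parameter is omitted from the authorization request when no audience is configured would make it explicit. The added `state: randomString(),` trailing comma and the `};` / `opts.audience = this.options.audience;` semicolons do not match the unchanged `setLocalStorage(...)` line right below, which has none. There is also no test covering the request parameters with and without `audience`.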