Auth0“未找到服务”错误
[英]Auth0 "service not found" error
问题描述
I'm attempting to use Auth0 to issue JWT tokens for accessing my API (so that Auth0 handles all the OAuth and security concerns, etc., and my API just needs to check the token).
我正在尝试使用 Auth0 颁发 JWT 令牌以访问我的 API(以便 Auth0 处理所有 OAuth 和安全问题等,而我的 API 只需要检查令牌)。 When I try to test the Authorization Code flow for clients to receive an access token (using Node + Express), the following happens:当我尝试测试客户端的授权代码流以接收访问令牌(使用 Node + Express)时,会发生以下情况:
The authorization code request works fine, and the client is redirected back to my redirect_uri with the code appended to the query.
授权代码请求工作正常,客户端被重定向回我的 redirect_uri 并将代码附加到查询中。 All good.都好。The token request then always fails.
然后令牌请求总是失败。 If I include the audienceparameter, the request returns anaccess_deniederror with the following details:Service not found: {the audience parameter}, regardless of what value I set for theaudienceparameter.如果我包含audience参数,请求将返回一个access_denied错误,其中包含以下详细信息:Service not found: {the audience parameter},无论我为audience参数设置了什么值。If I don't include the
audienceparameter, I get aserver_errorwith the messageService not found: https://oauth.auth0.com/userinfo.如果我不包含audience参数,server_error收到server_error消息,并显示Service not found: https://oauth.auth0.com/userinfo。
I've checked every Auth0 setting and read every documentation page thoroughly, and so far nothing has worked.我已经检查了每个 Auth0 设置并彻底阅读了每个文档页面,但到目前为止没有任何效果。 I've also tested the Authorization Code flow in Auth0's API debugger, and it worked fine.我还在 Auth0 的 API 调试器中测试了授权代码流程,它运行良好。 My test follows exactly the same parameters, and yet still receives an error requesting the token.我的测试遵循完全相同的参数,但仍然收到请求令牌的错误。 I'm testing on localhost.我正在本地主机上测试。 The client credentials and implicit flows are working fine.客户端凭据和隐式流工作正常。
Here is a test endpoint I created which retrieves the authorization code from Auth0:这是我创建的一个测试端点,它从 Auth0 检索授权代码:
const qs = require('querystring'); const getCode = (req, res) => { const params = { audience, // the value of the API Audience setting for the client client_id, // the client ID redirect_uri, // the redirect_uri, which is also listed in the Allowed Callback URLs field response_type: `code`, scope: `offline_access open` // ask to return ID token and refresh token, state: `12345`, }; const authDomain = `mydomain.auth0.com/oauth`; res.redirect(`${authDomain}/oauth/authorize?${qs.stringify(params)}`); };
The redirect_uri then redirects to the following endpoint, where I make the request for the access token: redirect_uri然后重定向到以下端点,我在那里请求访问令牌:
const https = require('https'); const callback = (req, res) => { const body = { client_id, client_secret, code: req.query.code, grant_type: `authorization_code`, redirect_uri, // same value as provided during the code request }; const opts = { headers: { 'Content-Type': `application/json` }, hostname: `mydomain.auth0.com`, method: `POST`, path: `/oauth/token`, }; const request = https.request(opts, response => { let data = ``; response.on(`data`, chunk => { data += chunk; }); response.on(`error`, res.send(err.message)); response.on(`end`, () => res.json(JSON.parse(data))); // this executes, but displays the error returned from Auth0 }); request.on(`error`, err => res.send(err.message)); request.end(JSON.stringify(body), `utf8`); };
Any suggestions as to what I might be doing wrong?关于我可能做错了什么的任何建议?
3 个解决方案
解决方案1
4 已采纳 2017-04-16 03:07:51
The issue was that I was calling the incorrect URL at Auth0.问题是我在 Auth0 调用了错误的 URL。 I mistakenly thought that both the authorization and token endpoints began with /oauth , when in fact the authorization endpoint is just /authorize , while the token endpoint is /oauth/authorize .我错误地认为授权和令牌端点都以/oauth开头,而实际上授权端点只是/authorize ,而令牌端点是/oauth/authorize 。 Correcting the URLs in my code fixed the problem.更正我的代码中的 URL 解决了这个问题。
解决方案2
1 2020-02-28 11:02:13
My solution was the identifier of the api was not found.我的解决方案是找不到api的标识符。 If it is not exact it won't find it.如果它不准确,它就不会找到它。 I had an extra backslash on my 'audience' where the identifier didnt have one.我在我的“观众”上有一个额外的反斜杠,其中标识符没有。 pretty easy mistake but the error is not very clear in Auth0.很容易出错,但错误在 Auth0 中不是很清楚。
解决方案3
0 2021-12-22 11:48:13
In my case, I was using auth0 react hooks.就我而言,我使用的是 auth0 反应钩子。 So the example code looked like this:所以示例代码如下所示:
const getUserMetadata = async () => {
const domain = process.env.REACT_APP_AUTH0_DOMAIN
try {
const accessToken = await getAccessTokenSilently({
audience: `https://${domain}/api/v2/`,
scope: 'read:current_user',
})
console.log('accessToken', accessToken)
localStorage.setItem('access_token', accessToken)
setUserAuthenticated(true)
} catch (e) {
console.log('error in getting access token', e.message)
}
}
My solution to this was using by default Auth0 Audience value in audience field我对此的解决方案是在audience字段中默认使用 Auth0 Audience 值
const getUserMetadata = async () => {
const auth0audience = process.env.REACT_APP_AUTH0_AUDIENCE
try {
const accessToken = await getAccessTokenSilently({
audience: auth0audience,
scope: 'read:current_user',
})
console.log('accessToken', accessToken)
localStorage.setItem('access_token', accessToken)
setUserAuthenticated(true)
} catch (e) {
console.log('error in getting access token', e.message)
}
}
Because its stated in auth0 docs of configuring custom domains that, you need to use by default API audience因为它在配置自定义域的 auth0 文档中说明,您需要默认使用 API 受众
Source - https://auth0.com/docs/brand-and-customize/custom-domains/configure-features-to-use-custom-domains来源 - https://auth0.com/docs/brand-and-customize/custom-domains/configure-features-to-use-custom-domains
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.