Skip to content
This repository has been archived by the owner on May 1, 2019. It is now read-only.

Lock passwordless ignoring authParams scope #102

Open
yvonnewilson opened this issue Mar 26, 2016 · 5 comments
Open

Lock passwordless ignoring authParams scope #102

yvonnewilson opened this issue Mar 26, 2016 · 5 comments

Comments

@yvonnewilson
Copy link

Cross reference customer reported issue: 6766
JWT generated by passwordless authentication (email link) doesn't include email
Set up passwordless connection with all default values for Settings screen and set Authentication Parameters to {'scope':'openid email'} (also tried 'openid profile' - same thing
Logged in with magic link, but JWT returned does not include email.

Used try button in passwordless connection to send email.
Clicked on magic link button in email and was apparently logged in.
Dashboard -> Users shows a login for the email address used in TRY screen with connection 'email'.
User Details screen shows email address for user has a value.
Logs screen shows successful login via connection 'email' as well.

screen shot 2016-03-25 at 9 01 34 pm

Used jwt.io as callback for application and to display JWT resulting from authentication.
@yvonnewilson
Copy link
Author

What is the correct syntax for the Authentication Parameter?
I tried both 'scope' (with quote) and scope (without quote)
The default value on this screen for Auth Parameters shows 'scope':'openid profile'
e.g. with quote marks around the "scope"
however, our docs pages show scope parameter without quote marks around scope.
https://auth0.com/docs/libraries/lock/sending-authentication-parameters#supported-parameters

Resulting JWT only includes the default properties - iss, sub, aud, exp and iat

@arcseldon
Copy link

@yvonnewilson - re. quotes versus no quotes for scope object attribute name - this is down to a peculiarity of JavaScript, in that Object keys resolve to Strings. eg.

△  node
> var a = { scope: 'openid email'}
{ scope: 'openid email' }

> var b = { 'scope': 'openid email'}
{ scope: 'openid email' }

Basically equivalent syntax. Agreed, docs should be consistent to avoid confusion.

@gnandretta gnandretta mentioned this issue Mar 28, 2016
Open
@gnandretta
Copy link
Contributor

@yvonnewilson I can't reproduce this, I always get the email when I provide the scope "openid email" or "openid profile".

Also, I've created a separate issue for the options syntax.

@yvonnewilson
Copy link
Author

Note - in playground, response type was set to token but it behaved as if it was set to code.
Had to set response type to code and then back to token.
Gabriel said when you change callback url, it may reset response type to code, but UI doesn't get updated to reflect that?

@gnandretta
Copy link
Contributor

we already have #70 for the issue @yvonnewilson described in the last comment

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@gnandretta @arcseldon @yvonnewilson