Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Check for sub if user_id is not present #25

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

elliot-sawyer
Copy link

Fixes #24

@neeckeloo
Copy link
Member

It seems that the user_id attribute is no longer present in the payload of the /userinfo endpoint.

https://auth0.com/docs/api/authentication#user-profile

IMO, you can replace the user_id attribute by sub and update the payload in the following test:

https://github.com/RiskioFr/oauth2-auth0/blob/master/tests/Auth0ResourceOwnerTest.php

@elliot-sawyer
Copy link
Author

I believe user_id is still present if you've logged in through one of the social plugins on the auth0 side, and may also be impacted by the requested scope. I left the user_id check in there for a couple reasons, namely

  • to avoid breaking applications where this is working (I can't be the first person to spot this, surely)
  • to avoid breaking existing tests
  • I don't understand everybody's use case

Re: the test, it appears to be taken directly from the oauth2-google plugin and doesn't appear relevant to the auth0 response? I would love to fix it but don't have a lot of experience with mock responses, some assistance would be appreciated. Thanks!

@elliot-sawyer
Copy link
Author

Just adding, I ran a test against a social login (Google) and it came back with the "sub" parameter instead of user_id. I've captured the response that came back, so I can use that to update the test.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Auth0 user returns 'sub' parameter instead of user_id
2 participants