Skip to content

Commit

Permalink
Allow both mgmt domain and regular domain for valid issuers
Browse files Browse the repository at this point in the history
  • Loading branch information
@keichan34
keichan34 committed Apr 12, 2021
1 parent 9d5b91e commit 23cd9dc
Showing 1 changed file with 5 additions and 2 deletions.
7 changes: 5 additions & 2 deletions src/admin.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ import jwks from "jwks-rsa"

import * as keys from "./admin/keys"
import { decapitalize } from './lib'
import { AUTH0_DOMAIN } from './lib/auth0_client'
import { AUTH0_DOMAIN, AUTH0_MGMT_DOMAIN } from './lib/auth0_client'

const jwksClient = jwks({
cache: true,
Expand Down Expand Up @@ -37,7 +37,10 @@ const _handler: APIGatewayProxyHandler = async (event) => {
const verifiedToken = jwt.verify(token, signingKey.getPublicKey(), {
audience: 'https://api.propid.jp',
algorithms: ['RS256'],
issuer: `https://${AUTH0_DOMAIN}/`
issuer: [
`https://${AUTH0_DOMAIN}/`,
`https://${AUTH0_MGMT_DOMAIN}`,
],
}) as { [key: string]: any }
userId = verifiedToken.sub
} catch (e) {
Expand Down

0 comments on commit 23cd9dc

Please sign in to comment.