Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

issuer and auth0_base_url should hold the same value...? #209

Open
francescopellegrini opened this issue Feb 13, 2024 · 1 comment
Open

issuer and auth0_base_url should hold the same value...? #209

francescopellegrini opened this issue Feb 13, 2024 · 1 comment

Comments

@francescopellegrini
Copy link
Member

Hi, I'm a bit annoyed by the fact that issuer and auth0_base_url contain basically the same value.

When I removed the trailing slash from issuer, token validation failed.
When I added the trailing slash to auth0_base_url, OpenID config retrieval failed (because the library adds a trailing slash of its own).

Could these values be unified into a single one?
@cottinisimone
Copy link
Contributor

Starting from this RFC i would say that issuer MIGHT contain the url of the authority that issued the token. It might be another value for other authorities and since this library is public i think it's better to leave it as it is.

For sure we can change metadata_url behaviour to add a trailing slash if the url doesn't end with a / only

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@francescopellegrini @cottinisimone