Activities

suenot

suenot posted a new question

auth-module •

Can't connect with apollo-module

After auth with auth0 I had in localstorage key like this (I change private key to another in this issue):
auth._token.auth0: Bearer XaMLpJ_OKpNQm-X777777yuBxCkhT-da
And I want to use this key for authorize with apollo-module to hasura.
I set tokenName: 'auth._token.auth0' in nuxt.config.js:

// import colors from 'vuetify/es5/util/colors'

export default {
  mode: 'universal',
  /*
  ** Headers of the page
  */
  head: {
    titleTemplate: '%s - ' + process.env.npm_package_name,
    title: process.env.npm_package_name || '',
    meta: [
      { charset: 'utf-8' },
      { name: 'viewport', content: 'width=device-width, initial-scale=1' },
      { hid: 'description', name: 'description', content: process.env.npm_package_description || '' }
    ],
    link: [
      { rel: 'icon', type: 'image/x-icon', href: '/favicon.ico' }
    ]
  },
  /*
  ** Customize the progress-bar color
  */
  loading: { color: '#fff' },
  /*
  ** Global CSS
  */
  css: [
  ],
  /*
  ** Plugins to load before mounting the App
  */
  plugins: [
    { src : '~/plugins/vue-apexchart.js', ssr : false },
    { src : '~/plugins/v-charts.js', ssr : false },
  ],
  /*
  ** Nuxt.js dev-modules
  */
  buildModules: [
    '@nuxtjs/vuetify',
  ],
  /*
  ** Nuxt.js modules
  */
  modules: [
    '@nuxtjs/axios',
    '@nuxtjs/auth',
    '@nuxtjs/apollo'
  ],
  /*
  ** vuetify module configuration
  ** https://github.com/nuxt-community/vuetify-module
  */
  vuetify: {
    customVariables: ['~/assets/variables.scss'],
    theme: {
      dark: true,
    }
  },
  /*
  ** Build configuration
  */

  build: {
    // vendor : ['vue-apexchart'],
    /*
    ** You can extend webpack config here
    */
    extend (config, ctx) {
    }
  },
  // serverMiddleware: ['./auth'],
  // axios: {
  //   proxy: true
  // },
  // proxy: {
  //   '/api': 'http://localhost:3000'
  // },
  auth: {
    redirect: {
      callback: '/callback'
    },
    strategies: {
      auth0: {
        domain: 'suenot.eu.auth0.com',
        client_id: 'NkwwJnyxYqp5uTifYg_LCqBiQ6SWWMyo'
      },
      // facebook: {
      //   client_id: '315073272449033',
      //   userinfo_endpoint: 'https://graph.facebook.com/v2.12/me?fields=about,name,picture{url},email,birthday',
      //   scope: ['public_profile', 'email', 'user_birthday']
      // },
    }
  },
  apollo: {
    tokenName: 'auth._token.auth0', // optional, default: apollo-token
    cookieAttributes: {
      /**
        * Define when the cookie will be removed. Value can be a Number
        * which will be interpreted as days from time of creation or a
        * Date instance. If omitted, the cookie becomes a session cookie.
        */
      expires: 14, // optional, default: 7 (days)
      /**
        * Define the path where the cookie is available. Defaults to '/'
        */
      path: '/', // optional
      /**
        * Define the domain where the cookie is available. Defaults to
        * the domain of the page where the cookie was created.
        */
      domain: 'https://suenot-hasura.herokuapp.com/', // optional

      /**
        * A Boolean indicating if the cookie transmission requires a
        * secure protocol (https). Defaults to false.
        */
      secure: false,
    },
    includeNodeModules: true, // optional, default: false (this includes graphql-tag for node_modules folder)
    authenticationType: '', // 'Basic', // optional, default: 'Bearer'
    // (Optional) Default 'apollo' definition
    defaultOptions: {
      // See 'apollo' definition
      // For example: default query options
      $query: {
        loadingKey: 'loading',
        fetchPolicy: 'cache-and-network',
      },
    },
    // optional
    // watchLoading: '~/plugins/apollo-watch-loading-handler.js',
    // optional
    // errorHandler: '~/plugins/apollo-error-handler.js',
    // required
    clientConfigs: {
      default: {
        // required
        httpEndpoint: 'https://suenot-hasura.herokuapp.com/v1/graphql',
        // optional
        // override HTTP endpoint in browser only
        // browserHttpEndpoint: '/graphql',
        // optional
        // See https://www.apollographql.com/docs/link/links/http.html#options
        httpLinkOptions: {
          credentials: 'same-origin'
        },
        // You can use `wss` for secure connection (recommended in production)
        // Use `null` to disable subscriptions
        wsEndpoint: 'wss://suenot-hasura.herokuapp.com/v1/graphql', // optional
        // LocalStorage token
        tokenName: 'auth._token.auth0', // optional
        // Enable Automatic Query persisting with Apollo Engine
        persisting: false, // Optional
        // Use websockets for everything (no HTTP)
        // You need to pass a `wsEndpoint` for this to work
        websocketsOnly: false // Optional
      },
      // test: {
      //   httpEndpoint: 'http://localhost:5000',
      //   wsEndpoint: 'ws://localhost:5000',
      //   tokenName: 'apollo-token'
      // },
      // alternative: user path to config which returns exact same config options
      // test2: '~/plugins/my-alternative-apollo-config.js'
    }
  }
}

therefore I had request header like this:

authorization: Bearer  XaMLpJ_OKpNQm-X777777yuBxCkhT-da

But I can't authorize and had error in browser console:

GraphQL error: Could not verify JWT: JWSError (CompactDecodeError CompactDecodeError: Expected 3 parts; got 1)

How to get key with all 3 parts to auth? Maybe there are another way to auth with apollo?

Rohrig

Rohrig posted a new question

auth-module •

How to register a second Local strategy

Could you give an example of how to register a 2nd local strategy? The standard local strategy is already being used but I need to use a second. I've attempted it to no avail. Thanks in advance.

flyingboy007

flyingboy007 posted a new question

auth-module •

How to take token from header instead of body during login

Using nuxt-auth for authentication. The endpoints are configured like this.

  auth: {
    strategies: {
      local: {
        endpoints: {
          login: {url: '/sellers/login', method: 'post', propertyName: 'How to ref header here'},
          logout: {url: '/api/auth/logout', method: 'post'},
          user: false
        },
      //  tokenRequired: true,
        tokenType: ''
      }
    }
  }

But server is sending token in response header instead of body. So nuxt-auth is not working. How can I fix this?

titoff002

titoff002 posted a new question

auth-module •

How use buefy (remove nuxt-buefy) ?

Hello,

By default, nuxt uses "nuxt-buefy".
I would like to delete this package in order to use the latest from buefy: how do I do this?

Thanks

freearhey

freearhey posted a new question

auth-module •

Is this repository dead?

As I see, most bugs and questions have not been solved for a couple of years. So this project is dead, right?

Maybe somebody can recommend a worthwhile replacement, then.

robitwtms

robitwtms posted a new question

auth-module •

Laravel Passport - login not proceeding after auth code is returned. Any ideas?

I am using nuxt-auth with the "laravel.passport" strategy, and hosting with firebase in production. In development, everything works as intended. However, in production, everything works up until the point that the authorization code is returned to my frontend. At that point, everything stops, and the I am not authenticated. I am simply stuck on the on the page with the auth code (https://production-url.com/callback?code=thecode123). Does anyone know why authentication is not occurring even though the auth code has been returned? Nothing is showing up in console, so I'm not even sure if there is an error or something occuring. Any ideas or suggestions would be greatly appreciated. Thank you for your time in reading this, and I otherwise hope you have a great day :)

robitwtms

robitwtms posted a new question

auth-module •

Laravel Passport - how to force https?

I am using nuxt auth in production, and hosting with firebase. I am using the "laravel.passport" strategy. During development, everything worked as expected. However, I was using http in development. My production setup requires I use https, and this is when I noticed that nuxt auth is changing the url from https to http on redirect to the authentication server. From what I understand oauth is not secure unless it is encrypted, or in other words over https. How do I force nuxt auth to use https when it contacts/redirects to my authorization server? Thank you for your time in reading this, and I otherwise hope you have a great day :)

Aurion72

Aurion72 posted a new question

auth-module •

How do I get persistence of the connection?

I set up a connection system with Laravel Passport and the password_grant mode :

strategies: {
passwordgrant: { Scheme: "local", endpoints: { login: { url: process.env.OAUTHURL+"/oauth/token",
method: "post",
propertyName: "accesstoken" }, logout: { url: process.env.OAUTHURL+"/oauth/token",
method: "delete"
},
wear: {
method: "get",
url: process.env.OAUTH_URL+"/api/user",
propertyName: false
}
},
tokenRequired: true,
tokenType: 'Bearer',
}
}

Connection and disconnection are working properly, however I can't fix the following problem:

  • I'm logging in
  • I close my browser
  • I'm back on my app
  • I am logged out and redirected to the login page when I would like to keep an active connection.

How can I do this? Thank you in advance :)

thhan

thhan posted a new question

auth-module •

Passport insecure

Hello everyone,

I see the passport-component for laravel. In my opinion this isn't a great solution because the client-secret and client-id should never write clean in the code. An hacker could use it to get access to your api.

Better solution will be to get the implicit grant tokens. I'll hope you will update it soon or will be inform the developer wich use it at the moment.

titoff002

titoff002 posted a new question

auth-module •

urgent : use with keycloak ! Help me please !

Hello,

I'm use this auth-module with keyloak.

My strategie on nuxt.config.js :

keycloak: { _scheme: 'oauth2', client_id: 'client-bo', userinfo_endpoint: 'SERVER/protocol/openid-connect/userinfo', authorization_endpoint: 'SERVER/protocol/openid-connect/auth', //userinfo_endpoint: false, access_type: 'offline', access_token_endpoint: 'SERVER/protocol/openid-connect/token', //response_type: 'code', response_type: 'token id_token', token_type: 'Bearer', token_key: 'access_token', scope: ['openid', 'profile', 'email'], redirect_uri: 'http://127.0.0.1:3000/' },

The conection is ok.

when I click on the "connect" button: I am redirected to my keycloak environment. Once authenticated on keycloak: I am redirected to my nuxtjs application.

However, the problem is that my store are empty. Do you have an idea about this problem?

image

loggedIn : is always false
user : is always 'null'

can you tell me why it doesn't work?

Thanks to you.

sangemi

sangemi posted a new question

auth-module •

I want to execute some methods after oauth login. when using nuxt-auth module

auth: {
redirect: {
login: '/aaa',
home: '/bbb',
callback: '/ccc'
},
strategies: {
google: { ….
When I use nuxt-auth, the final destination will be '/bbb'
How can I run some function after login process.
For example,
I want to add some property to $auth.user object by my own database.
Or
I want to check if the logged user is already in my own database or not.
If the logged user from google oauth is not in my database user db, I have to add some data, for example email, nickname.

sangemi

sangemi posted a new question

auth-module •

About response-type = 'code'

https://auth.nuxtjs.org/schemes/oauth2.html#response-type

nuxt-auth has a default value of response-type = 'token'

But

Two major site in my country(Korea), naver.com and kakao.com, do not support responsetype = 'token' They only support responsetype = 'code'
please give us detail information about response_type = 'code.

The official doc said that
By default is token. If you use code you may have to implement a server side logic to sign the response code.
Is there anyone who can explain the server side logic?

xerk

xerk posted a new question

auth-module •

Middleware override my back4app middleware

I'm using my own middleware and when I use Nuxt auth it's overriding my own middleware

import Parse from 'parse';
export default function ({redirect,app}) {
   // If the user is not authenticated
   let currentUser = Parse.User.current();
   if(!currentUser)
       return redirect(`/`+app.i18n.locale+'/login');
 }

When I allow this line '@nuxtjs/auth', in my config app then It overrides my middleware and solutions for use my own and saves data from nuxt-auth to my parse middleware.

pcasaspere

pcasaspere posted a new bug report

auth-module •

bug NuxtServerError with Laravel.passport callback

Version

v4.8.4

Reproduction link

https://codepen.io/pcasaspere/pen/mdymJxW

Steps to reproduce

Version

4.8.4

Steps to reproduce

  1. Config nuxt.config:
  auth: {
    // localStorage: false,
    redirect: {
      login: '/login',
      logout: '/login',
      home: '/',
    },
    strategies: {
      'laravel.passport': {
        url: process.env.API_BASE_URL,
        client_id: process.env.API_OAUTH_CLIENT_ID,
        client_secret: process.env.API_OAUTH_CLIENT_SECRET,
      },
    }
  },
  1. In view /login.vue add method login and call in mounted:
  methods: {
    login(){
      this.$auth.loginWith('laravel.passport');
   }
  1. this.$auth.loginWith('laravel.passport'); redirect to my Laravel Login form.
  2. Laravel authorize my user, and redirect to Nuxt callback route with correct code in url's query.

image

  1. Nuxt call to internal http://127.0.0.1:3000/_auth/oauth/laravel.passport/authorize
  2. Nuxt response with error 500 with this data:
{
  "error": {
    "message": "Request failed with status code 401",
    "name": "NuxtServerError",
    "frames": [
      {
        "file": "node_modules/axios/lib/core/createError.js",
        "method": "createError",
        "line": 16,
        "column": 15,
        "context": {
          "start": 11,
          "pre": " * @param {Object} [request] The request.\n * @param {Object} [response] The response.\n * @returns {Error} The created error.\n */\nmodule.exports = function createError(message, config, code, request, response) {",
          "line": "  var error = new Error(message);",
          "post": "  return enhanceError(error, config, code, request, response);\n};\n"
        },
        "lang": "js",
        "open": "/__open-in-editor?file=/home/casas/dev/fitvium-app/app/node_modules/axios/lib/core/createError.js:16:15"
      },
      {
        "file": "node_modules/axios/lib/core/settle.js",
        "method": "settle",
        "line": 17,
        "column": 12,
        "context": {
          "start": 12,
          "pre": "module.exports = function settle(resolve, reject, response) {\n  var validateStatus = response.config.validateStatus;\n  if (!validateStatus || validateStatus(response.status)) {\n    resolve(response);\n  } else {",
          "line": "    reject(createError(",
          "post": "      'Request failed with status code ' + response.status,\n      response.config,\n      null,\n      response.request,\n      response"
        },
        "lang": "js",
        "open": "/__open-in-editor?file=/home/casas/dev/fitvium-app/app/node_modules/axios/lib/core/settle.js:17:12"
      },
      {
        "file": "node_modules/axios/lib/adapters/http.js",
        "method": "IncomingMessage.handleStreamEnd",
        "line": 237,
        "column": 11,
        "context": {
          "start": 232,
          "pre": "          if (config.responseType !== 'arraybuffer') {\n            responseData = responseData.toString(config.responseEncoding);\n          }\n\n          response.data = responseData;",
          "line": "          settle(resolve, reject, response);",
          "post": "        });\n      }\n    });\n\n    // Handle errors"
        },
        "lang": "js",
        "open": "/__open-in-editor?file=/home/casas/dev/fitvium-app/app/node_modules/axios/lib/adapters/http.js:237:11"
      },
      {
        "file": "events.js",
        "method": "IncomingMessage.emit",
        "line": 203,
        "column": 15,
        "context": {},
        "lang": "js"
      },
      {
        "file": "domain.js",
        "method": "IncomingMessage.EventEmitter.emit",
        "line": 448,
        "column": 20,
        "context": {},
        "lang": "js"
      },
      {
        "file": "_stream_readable.js",
        "method": "endReadableNT",
        "line": 1143,
        "column": 12,
        "context": {},
        "lang": "js"
      },
      {
        "file": "internal/process/next_tick.js",
        "method": "process._tickCallback",
        "line": 63,
        "column": 19,
        "context": {},
        "lang": "js"
      }
    ]
  },
  "hasInternal": true
}
This question is available on Nuxt community (#c461)

What is expected ?

Is expected correct verification of state and resend code with token params.

What is actually happening?

When Laravel redirect to callback, $auth response with internal error 500.

pcasaspere

pcasaspere posted a new question

auth-module •

NuxtServerError with Laravel.passport callback

Version

4.8.4

Steps to reproduce

  1. Config nuxt.config:
  auth: {
    // localStorage: false,
    redirect: {
      login: '/login',
      logout: '/login',
      home: '/',
    },
    strategies: {
      'laravel.passport': {
        url: process.env.API_BASE_URL,
        client_id: process.env.API_OAUTH_CLIENT_ID,
        client_secret: process.env.API_OAUTH_CLIENT_SECRET,
      },
    }
  },
  1. In view /login.vue add method login and call in mounted:
  methods: {
    login(){
      this.$auth.loginWith('laravel.passport');
   }
  1. this.$auth.loginWith('laravel.passport'); redirect to my Laravel Login form.
  2. Laravel authorize my user, and redirect to Nuxt callback route with correct code in url's query.

image

  1. Nuxt call to internal http://127.0.0.1:3000/_auth/oauth/laravel.passport/authorize
  2. Nuxt response with error 500 with this data:
{
  "error": {
    "message": "Request failed with status code 401",
    "name": "NuxtServerError",
    "frames": [
      {
        "file": "node_modules/axios/lib/core/createError.js",
        "method": "createError",
        "line": 16,
        "column": 15,
        "context": {
          "start": 11,
          "pre": " * @param {Object} [request] The request.\n * @param {Object} [response] The response.\n * @returns {Error} The created error.\n */\nmodule.exports = function createError(message, config, code, request, response) {",
          "line": "  var error = new Error(message);",
          "post": "  return enhanceError(error, config, code, request, response);\n};\n"
        },
        "lang": "js",
        "open": "/__open-in-editor?file=/home/casas/dev/fitvium-app/app/node_modules/axios/lib/core/createError.js:16:15"
      },
      {
        "file": "node_modules/axios/lib/core/settle.js",
        "method": "settle",
        "line": 17,
        "column": 12,
        "context": {
          "start": 12,
          "pre": "module.exports = function settle(resolve, reject, response) {\n  var validateStatus = response.config.validateStatus;\n  if (!validateStatus || validateStatus(response.status)) {\n    resolve(response);\n  } else {",
          "line": "    reject(createError(",
          "post": "      'Request failed with status code ' + response.status,\n      response.config,\n      null,\n      response.request,\n      response"
        },
        "lang": "js",
        "open": "/__open-in-editor?file=/home/casas/dev/fitvium-app/app/node_modules/axios/lib/core/settle.js:17:12"
      },
      {
        "file": "node_modules/axios/lib/adapters/http.js",
        "method": "IncomingMessage.handleStreamEnd",
        "line": 237,
        "column": 11,
        "context": {
          "start": 232,
          "pre": "          if (config.responseType !== 'arraybuffer') {\n            responseData = responseData.toString(config.responseEncoding);\n          }\n\n          response.data = responseData;",
          "line": "          settle(resolve, reject, response);",
          "post": "        });\n      }\n    });\n\n    // Handle errors"
        },
        "lang": "js",
        "open": "/__open-in-editor?file=/home/casas/dev/fitvium-app/app/node_modules/axios/lib/adapters/http.js:237:11"
      },
      {
        "file": "events.js",
        "method": "IncomingMessage.emit",
        "line": 203,
        "column": 15,
        "context": {},
        "lang": "js"
      },
      {
        "file": "domain.js",
        "method": "IncomingMessage.EventEmitter.emit",
        "line": 448,
        "column": 20,
        "context": {},
        "lang": "js"
      },
      {
        "file": "_stream_readable.js",
        "method": "endReadableNT",
        "line": 1143,
        "column": 12,
        "context": {},
        "lang": "js"
      },
      {
        "file": "internal/process/next_tick.js",
        "method": "process._tickCallback",
        "line": 63,
        "column": 19,
        "context": {},
        "lang": "js"
      }
    ]
  },
  "hasInternal": true
}
madmonkey

madmonkey posted a new feature request

auth-module •

idea OIDC scheme

What problem does this feature solve?

Simplicity of configuration -> point to a discovery endpoint and have the requisite information from the authority server configure the required flow with sensible overridable defaults.

https://github.com/IdentityModel/oidc-client-js
https://github.com/perarnborg/vuex-oidc

I'd be happy to contribute - but I would need a bit of guidance on how best to approach.

What does the proposed changes look like?

Setting-up a auth strategy would look like the following (it could be an enhancement to the oAuth scheme):

oidc: {
issuer: 'https://[endpoint]', or wellknownendpoint: 'https://[endpoint]/.well-known/openid-configuration'
clientid: '606654455983411e', clientsecret: '3dc309db955098a56b4fbc12677803468bfd477'
}

Issuing a GET to issuer/.well-known/openid-configuration already provides a response similar to the following, which provides endpoints for authorization token, user, end_session,etc., in addition to supported scopes, grant types, etc. :

{
"issuer":"https://[endpoint]",
"jwksuri":"https://[endpoint]/.well-known/openid-configuration/jwks", "authorizationendpoint":"https://[endpoint]/connect/authorize",
"tokenendpoint":"https://[endpoint]/connect/token", "userinfoendpoint":"https://[endpoint]/connect/userinfo",
"endsessionendpoint":"https://[endpoint]/connect/endsession",
"checksessioniframe":"https://[endpoint]/connect/checksession",
"revocationendpoint":"https://[endpoint]/connect/revocation", "introspectionendpoint":"https://[endpoint]/connect/introspect",
"deviceauthorizationendpoint":"https://[endpoint]/connect/deviceauthorization",
"frontchannellogoutsupported":true,
"frontchannellogoutsessionsupported":true, "backchannellogoutsupported":true, "backchannellogoutsessionsupported":true,
"scopessupported":[ "openid", "profile", "email", "offlineaccess"
],
"claimssupported":[ "name", "username",
"usertype", "role", "email", "phonenumber"
],
"granttypessupported":[
"authorizationcode", "clientcredentials",
"refreshtoken", "implicit", "password", "urn:ietf:params:oauth:grant-type:devicecode"
],
"responsetypessupported":[
"code",
"token",
"idtoken", "idtoken token",
"code idtoken", "code token", "code idtoken token"
],
"responsemodessupported":[
"formpost", "query", "fragment" ], "tokenendpointauthmethodssupported":[ "clientsecretbasic", "clientsecretpost" ], "subjecttypessupported":[ "public" ], "idtokensigningalgvaluessupported":[
"RS256"
],
"codechallengemethods_supported":[
"plain",
"S256"
]
}

tobyryuk

tobyryuk posted a new question

auth-module •

Server middleware not being registered when compiling and running in Lambda

I'm trying to deploy our internal Nuxt frontend to AWS Lambda with a very similar setup to this https://github.com/tonyfromundefined/nuxt-serverless while mainly changing to use ALB instead of API Gateway. The frontend is running but when I need to authenticate with our Laravel backend it's returning a 404 on the /authorize endpoint that should be registered through the server middleware section in the utils. I've even tried overriding it before build to add console logs but it doesn't even seem to register it at all.

Does anyone know a good way of debugging what's registering and digging deeper? To recreate, should be easiest just to clone the repo mentioned and add the auth module and building.

Strahinja

Strahinja posted a new bug report

auth-module •

bug auth-module demo doesn't work with Github, Facebook login gives error, token not displayed for Auth0 and Google

Version

v4.8.4

Reproduction link

https://github.com/nuxt-community/auth-module/tree/dev/examples/demo

Steps to reproduce

  • After cloning the main nuxt-community/auth-module repo, run yarn, yarn dev

  • Open browser at http://localhost:3000

  • Logging in with Auth0 and Google works, but the "secure" page is missing info on token:
    Empty token

  • Pressing the "Login with Facebook" button gives
    Facebook error

  • Pressing the "Login with Github" button gives Github's 404 page.
    Github 404

What is expected ?

All providers should work consistently, user should at least be able to login.

What is actually happening?

Some providers (Github and Facebook) don't work, others don't display information about the token.

Additional comments?

I ran into this bug when trying to learn the recommended setup for auth-module through the included demo.

ciaasteczkowy

ciaasteczkowy posted a new question

auth-module •

Custom action after login?

I use custom oauth server with my app. Inside the access_token I have a list of values which I need to present to a user so they can choose one.

My question is - where can I put the logic? I need to fire it right after obtaining access_token but before any usual "after login" redirects. Should I use my own middleware instead of the provided auth middleware?

jontybrook

jontybrook posted a new bug report

auth-module •

bug hasScope() fails to find scopes when scopeKey is set to a key containing dots

Version

v4.8.4

Reproduction link

https://github.com/nuxt-community/auth-module/blob/e21de05cdf65deea67dbc1215ccb08673a7232bb/lib/core/auth.js#L389

Steps to reproduce

  1. Add scopes to a user id token under a key which contains dots (".") - for example a url-style namespaced key eg "https://app.example.com/scopes"
    Example user object (incomplete):
{
  "iss": "https://my-domain.auth0.com/",
  "sub": "custom|123",
  "aud": "my_client_id",
  "exp": 1311281970,
  "iat": 1311280970,
  "email": "[email protected]",
  "email_verified": true,
  "https://app.example.com/scopes": [ 'read:articles', 'write:articles' ]
}
  1. Configure auth.scopeKey in nuxt.config.js to the scope key on the user object. eg: scopeKey: 'https://app.example.com/scopes'
  2. Call hasScope method. eg: this.$auth.hasScope('write:articles')
  3. hasScope always returns undefined

What is expected ?

hasScope(scope) returns true if scope is present on the "https://app.example.com/scopes" array

What is actually happening?

hasScope always returns undefined

Additional comments?

I am implementing custom claims with Auth0. To ensure OIDC conformance and prevent collision with standard OIDC claims, the Auth0 documentation requires that custom claims use a namespace identifier of any HTTP or HTTPS URL. See
https://auth0.com/docs/api-auth/tutorials/adoption/scope-custom-claims#custom-claims for details.

Keys with dots in them are perfectly valid. This bug means anyone using the Auth0 strategy trying to use custom claims will not be able to use hasScope()