I am currently trying to setup authentication for Graphql via Auth0. The issue we are facing is inside our authenticate Mutation returning the error
\validateAndParseIdToken.js:25
jwt.verify(idToken, key.publicKey, {
^
TypeError: Cannot read property 'publicKey' of undefined
We have verified the idToken is being passed in for decoding by the validateAndParseIdToken function
validateAndParseIdToken.js
const jwksClient = require('jwks-rsa')
const jwt = require('jsonwebtoken')
const jwks = jwksClient({
cache: true,
rateLimit: true,
jwksRequestsPerMinute: 1,
jwksUri: `https://${process.env.AUTH0_DOMAIN}/.well-known/jwks.json`
})
const validateAndParseIdToken = (idToken) => new Promise((resolve, reject) => {
const { header, payload} = jwt.decode(idToken, {complete: true})
if (!header || !header.kid || !payload) reject(new Error('Invalid Token'))
jwks.getSigningKey(header.kid, (err, key) => {
if (err) reject(new Error('Error getting signing key: ' + err.message))
jwt.verify(idToken, key.publicKey, { algorithms: ['RS256'] }, (err, decoded) => {
if (err) reject('jwt verify error: ' + err.message)
resolve(decoded)
})
})
})
module.exports = validateAndParseIdToken
authenticate mutation -
const Mutation = {
async authenticate(parent, { idToken }, ctx, info) {
let userToken = null
try {
userToken = await validateAndParseIdToken(idToken)
} catch (err) {
throw new Error(err.message)
}
const auth0id = userToken.sub.split('|')[1]
let user = await ctx.prisma.query.user({ where: { auth0id } }, info)
if (!user) {
user = createPrismaUser(ctx, userToken)
}
return user
},
The expect flow would be to check an idToken, if it is valid then check if a user exists in our DB for that user, if not then create that user.
