Comments (6)
frederikprijck
commented on September 18, 2024
1
https://github.com/panva/oauth4webapi is probably a good one if u look for an OIDC compliant SDK.
from auth0-spa-js.
frederikprijck
commented on September 18, 2024
Thanks for reaching out.
In my case 'authorize' endpoint is 'oauth2/authorize' and 'oauth/token' is 'ouath2/token'.
Are you using Auth0 or some other Identity Provider?
In case you are using another Identity Provider, please understand that this SDK is made for Auth0 and has internal functionality specifically designed to work for Auth0 and will not work with other identity providers.
This is also why we have not made the endpoint URLs configurable, as we do not currently support other identity providers.
If you are using Auth0, can you elaborate on why your URLs are different from the ones we use defaullt?
from auth0-spa-js.
johnny-the-coder
commented on September 18, 2024
Hi Frederik,
I guess we can both agree that the library would be much more versatile and useful when it would consider ./well-known/openid-configuration.
I searched in the web and there are people struggling with the exact same problem, e.g.:
https://stackoverflow.com/questions/68187471/why-does-google-use-oauth2-auth-and-auth0-spec-uses-oauth2-authorize
I think it would not make a huge effort to implement the necessary changes.
So why not make a much more powerful open-source library?
from auth0-spa-js.
frederikprijck
commented on September 18, 2024
I guess we can both agree that the library would be much more versatile and useful when it would consider ./well-known/openid-configuration.
I disagree. I agree it would be better if it was more OpenID compliant and not Auth0 focussed, but that is not solved by simply using the well known.
So why not make a much more powerful open-source library?
That would make it look as if we support other identity providers, which we do not because of other internal stuff that depends on Auth0 (not just the endpoint urls). So not supporting other endpoint urls is deliberate for now, even though I would love to see it evolve to be more OIDC compliant as well, but that is not something we currently plan to do.
I searched in the web and there are people struggling with the exact same problem, e.g.:
This is an Auth0 specific SDK, and we nowhere mention it works with others or is OIDC compliant. I understand the issue, but it's not the correct expectation when using our SDK in its current state.
This is also mentioned on the SO link u shared:
Generally though I avoid vendor specific libraries for this type of reason.
from auth0-spa-js.
johnny-the-coder
commented on September 18, 2024
ok, thanks for the information, I will search for another library then.
from auth0-spa-js.
johnny-the-coder
commented on September 18, 2024
closing for now
from auth0-spa-js.
Related Issues (20)
- "Misconfiguration in the system or a service outage" error in Auth0 HOT 3
- prompt in authorizationParams is not getting override. It is coming none even if it is set to other value like login. HOT 7
- Sophos Cyber Security Endpoint detects ransomware in the package HOT 3
- Total Cookie Protection breaks auth HOT 2
- Better error messaging when out of local storage quota? HOT 4
- Angular SSR window.crypto HOT 1
- User without Organization Membership caused infitine login redirect loop HOT 2
- NullInjectorError HOT 1
- Clarify limits for checkSession method HOT 7
- React Quickstart causing error upon clicking the login button HOT 2
- organization option of Auth0Client.getTokenSilently function is unexpectedly reuse previous value HOT 4
- Make getTokenSilently Generic HOT 2
- Support `getAccessTokenSilently` for multiple audiences in parallel HOT 4
- auth0-spa-js for multipage app? HOT 3
- Suport for multi tab sessions HOT 5
- Add configuration option for custom transaction storage
- LoginWithPopup doesn't work in Microsoft Word add-in on Mac HOT 3
- Extra redirect on silent login after upgrade to v2 HOT 9
- Implicit return in auth0-spa-js/src/cache /cache-manager.ts when TS "noImplicitReturns" is set to true HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from auth0-spa-js.