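My first-time user login flow is as follows:
1. The user clicks the login button on my Angular page, which redirects them to the Auth0 login page.
2. They then sign up for the first time.
3. My rule checks whether they are a first-time user; if true, it redirects them to my Angular page (the /register endpoint), where I want to add some logic to add that user to my custom database.
4. The user should then return to the Auth0 login flow and go through all the rules again.
The problem is that I get this error in my URL:
Log from the Auth0 rule in debug mode: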
{
"code": 500,
"error": "Script generated an unhandled asynchronous exception.",
"details": "Error: error:0906D06C:PEM routines:PEM_read_bio:no start line",
"name": "Error",
"message": "error:0906D06C:PEM routines:PEM_read_bio:no start line",
"stack": "Error: error:0906D06C:PEM routines:PEM_read_bio:no start line\n at Sign.sign (crypto.js:331:26)\n at Object.sign (/data/_verquire/auth0-extension-s3-tools/1.1.1/node_modules/jwa/index.js:76:45)\n at Object.jwsSign [as sign] (/data/_verquire/auth0-extension-s3-tools/1.1.1/node_modules/jws/lib/sign-stream.js:32:24)\n at Object.module.exports [as sign] (/data/_verquire/auth0-extension-hapi-tools/1.2.1/node_modules/jsonwebtoken/sign.js:144:16)\n at createToken (/data/io/aefe221a-b96c-403d-8dd2-b535234672e1/webtask.js:123:20)\n at async.waterfall.callback.user (/data/io/aefe221a-b96c-403d-8dd2-b535234672e1/webtask.js:125:19)\n at fn (/data/sandbox/node_modules/auth0-authz-rules-api/node_modules/async/lib/async.js:638:34)\n at Immediate._onImmediate (/data/sandbox/node_modules/auth0-authz-rules-api/node_modules/async/lib/async.js:554:34)\n at runCallback (timers.js:810:20)\n at tryOnImmediate (timers.js:768:5)\n at processImmediate [as _immediateCallback] (timers.js:745:5)"
}
3:03:02 PM:
Code generated an uncaught exception: Error: error:0906D06C:PEM routines:PEM_read_bio:no start line
at Sign.sign (crypto.js:331:26)
at Object.sign (/data/_verquire/auth0-extension-s3-tools/1.1.1/node_modules/jwa/index.js:76:45)
at Object.jwsSign [as sign] (/data/_verquire/auth0-extension-s3-tools/1.1.1/node_modules/jws/lib/sign-stream.js:32:24)
at Object.module.exports [as sign] (/data/_verquire/auth0-extension-hapi-tools/1.2.1/node_modules/jsonwebtoken/sign.js:144:16)
at createToken (/data/io/aefe221a-b96c-403d-8dd2-b535234672e1/webtask.js:123:20)
at async.waterfall.callback.user (/data/io/aefe221a-b96c-403d-8dd2-b535234672e1/webtask.js:125:19)
at fn (/data/sandbox/node_modules/auth0-authz-rules-api/node_modules/async/lib/async.js:638:34)
at Immediate._onImmediate (/data/sandbox/node_modules/auth0-authz-rules-api/node_modules/async/lib/async.js:554:34)
at runCallback (timers.js:810:20)
at tryOnImmediate (timers.js:768:5)
at processImmediate [as _immediateCallback] (timers.js:745:5)
This is my rule that does this:
    function(user, context, callback) {
      if (context.protocol !== "redirect-callback") {
        // First pass through the rule: send first-time users to /register.
        if (context.stats.loginsCount === 1) {
          function createToken(clientId, clientSecret, issuer, user) {
            var options = {
              expiresInMinutes: 5,
              audience: clientId,
              issuer: issuer,
              algorithm: 'RS256'
            };
            return jwt.sign(user, clientSecret, options);
          }
          var token = createToken(
            configuration.CLIENT_ID,
            configuration.CLIENT_SECRET,
            configuration.ISSUER, {
              sub: user.user_id,
              email: user.email,
              scope: 'openid'
            }
          );
          context.redirect = {
            url: "http://localhost:4200/register?token=" + token
          };
          return callback(null, user, context);
        }
        return callback(null, user, context);
      } else {
        // Second pass: the user has come back from the redirect.
        function verifyToken(clientId, clientSecret, issuer, token, cb) {
          jwt.verify(
            token,
            clientSecret, {
              audience: clientId,
              issuer: issuer
            },
            cb
          );
        }
        function postVerify(err, decoded) {
          // Fail the login when the returned token does not verify.
          if (err) {
            return callback(err);
          }
          return callback(null, user, context);
        }
        verifyToken(
          configuration.CLIENT_ID,
          configuration.CLIENT_SECRET,
          configuration.ISSUER,
          context.request.query.token,
          postVerify
        );
      }
    }
And here is my redirect component:
    export class RegisterComponent implements OnInit {
      token: string;
      profile: any;

      constructor(private http: HttpClient, private activatedRoute: ActivatedRoute, private auth: AuthService) {
      }

      ngOnInit() {
        this.activatedRoute.queryParams.subscribe(params => {
          const token = params['token'];
          const state = params['state'];
          console.log(token);
          const headers = new HttpHeaders({
            'Authorization': 'Bearer ' + token
          });
          this.http.get('https://' + environment.domain + '/userinfo', {headers: headers}).subscribe((data: any) => {
            this.profile = data;
            console.log(this.profile);
          });
        });
      }
    }
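I think the problem is in my rule, where I sign the token. I don't know what exactly the private key should be, or whether I am signing the token correctly at all.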
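
The stack trace ends in `Sign.sign`, the RSA path selected by `algorithm: 'RS256'`, and that path needs a PEM private key, which a client secret string is not. As an added example (not the poster's code and not Auth0's; it uses only Node's `crypto`, and the helper names, secret and claim values are constructed for illustration), the following signs the redirect token with HS256 and the shared secret, then verifies it with the algorithm, audience, issuer and expiry all checked and every failure thrown:

```javascript
// Added example: constructed values; not the poster's rule or Auth0 code.
const crypto = require('crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');
const nowSec = () => Math.floor(Date.now() / 1000);

// Sign a short-lived HS256 token: an HMAC over header.body with the shared secret.
function signHs256(claims, secret, ttlSeconds, now = nowSec()) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify({ ...claims, iat: now, exp: now + ttlSeconds }));
  const mac = crypto.createHmac('sha256', secret).update(`${header}.${body}`).digest();
  return `${header}.${body}.${b64url(mac)}`;
}

// Verify with the algorithm pinned; every failure throws so it cannot be ignored.
function verifyHs256(token, secret, expected, now = nowSec()) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [header, body, sig] = parts;
  const mac = crypto.createHmac('sha256', secret).update(`${header}.${body}`).digest();
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== mac.length || !crypto.timingSafeEqual(given, mac)) {
    throw new Error('bad signature');
  }
  const alg = JSON.parse(Buffer.from(header, 'base64url').toString('utf8')).alg;
  if (alg !== 'HS256') throw new Error('unexpected algorithm');
  const claims = JSON.parse(Buffer.from(body, 'base64url').toString('utf8'));
  if (claims.aud !== expected.audience || claims.iss !== expected.issuer) {
    throw new Error('wrong audience or issuer');
  }
  if (typeof claims.exp !== 'number' || claims.exp <= now) throw new Error('token expired');
  return claims;
}

// RS256 is an RSA signature and needs a PEM private key; a plain secret string
// is rejected by the crypto layer, which is the failure in the trace above.
function rs256RejectsSecret(secret) {
  try {
    crypto.createSign('RSA-SHA256').update('data').sign(secret);
    return false;
  } catch (err) {
    return true;
  }
}
```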