I'm struggling to get user info after authenticating using the auth0 PHP SDK. This is on my localhost using ngrok. I'm just using the basic example files in the SDK and I'm able to log in fine. However, after login when it re-directs to my callback url and attempts to exchange the auth code, I get a 401 error with "unauthorized".
Here is the error in wamp:
In the logs I can see that the login happened successfully, but when attempting to exchange the auth code, it fails.
I can also confirm that I'm getting the code and the state back in my query parameters:
https://myurl.ngrok.io/auth/?code=ygKukP3B5_xk0pbb&state=5ae5b7a643aa46.52329844
I've made a couple of slight modifications to the example files while trying to get this to work, but I don't think that's the culprit. Just in case, here's the code:
require 'vendor/autoload.php';
//require 'dotenv-loader.php';
use Auth0\SDK\Auth0;
$domain = 'mydomain.auth0.com';
$client_id = 'MYCLIENT';
$client_secret = 'MYSECRET';
$redirect_uri = 'https://myurl.ngrok.io/auth/';
$auth0 = new Auth0([
'domain' => $domain,
'client_id' => $client_id,
'client_secret' => $client_secret,
'redirect_uri' => $redirect_uri,
'persist_id_token' => true,
'persist_refresh_token' => true,
'audience' => 'https://mydomain.auth0.com/userinfo',
'scope' => 'openid profile'
]);
if (isset($_REQUEST['logout'])) {
$auth0->logout();
session_destroy();
header("Location: /");
die();
}
if(isset($_REQUEST['code'])) {
$userInfo = $auth0->getUser();
var_dump($userInfo);
} else {
$auth0->login();
}
UPDATE:
I also noticed that when the page first loads I get the previously mentioned error. If I refresh the page, I get Fatal error: Uncaught Auth0\SDK\Exception\CoreException: Invalid state
