Add a JWT decoder for Auth0 #68

@chrisl-peopleplus

Hey there,

I was planning to use this bundle as a way to grab and confirm a JWT token issued by Auth0 and can see that this is not really supported in the current codebase. I've been able to get a very basic version of this up and running by supplying an encoder to the LexikJWTBundle and wondered if you would want this added to the bundle as an optional extra?

Let me know your thoughts and then I can look into making the code below actually work with the bundle.

The encoder would look something like this (untested):

```php
<?php

namespace App\Encoder;

use Auth0\SDK\Configuration\SdkConfiguration;
use Auth0\SDK\Exception\InvalidTokenException;
use Auth0\SDK\Token;
use Lexik\Bundle\JWTAuthenticationBundle\Encoder\JWTEncoderInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;

class Auth0JWTEncoder implements JWTEncoderInterface
{
    private SdkConfiguration $sdkConfiguration;

    public function __construct(SdkConfiguration $sdkConfiguration)
    {
        $this->sdkConfiguration = $sdkConfiguration;
    }

    public function encode(array $data)
    {
        // Not needed (Auth0 issues the tokens) but required by the interface.
        // Fail loudly instead of silently returning null to a caller.
        throw new \LogicException('Auth0JWTEncoder cannot encode tokens; Auth0 issues them.');
    }

    public function decode($token): array
    {
        try {
            // The Token constructor parses the JWT and can itself throw
            // InvalidTokenException, so it has to sit inside the try block.
            $auth0TokenVerifier = $this->createTokenVerifyer($token);
            $auth0TokenVerifier->validate(); // claim checks
            $auth0TokenVerifier->verify();   // signature check
        } catch (InvalidTokenException $e) {
            // Keep the SDK exception as "previous" so the cause stays in the logs.
            throw new AuthenticationException('Invalid Auth0 token', 0, $e);
        }

        // Only reached when both checks passed.
        return $auth0TokenVerifier->toArray();
    }

    private function createTokenVerifyer(string $token): Token
    {
        // The token is treated as an ID token.
        return new Token($this->sdkConfiguration, $token, Token::TYPE_ID_TOKEN);
    }
}
```
