Auth0 not following oidc spec (again) (but in an other way)

[julien-leclercq]

Hello,

As stated in the title, the /usreinfo endpoint returns a stringified epoch timestamp...
https://auth0.com/docs/api/authentication#user-profile

If you have any idea on how I could work around this other than hand making the request. Otherwise, do not bother, the problem is definitely on their side.

[ramosbugs]

Wonderful... you'd think Auth0 could at least be internally consistent with how they (mis)represent timestamps.

Fortunately, Auth0 appears to be returning raw JSON UserInfo responses rather than signed JWTs, so in this case I would suggest having an HTTP client shim that rewrites the /userinfo response to adhere to the spec (i.e., converts the string to a number) before returning it to this crate. You can pass a function that implements this shim directly to request[_async].

[julien-leclercq]

Thanks, for now I have a dedicated reqwest client. might update later.

[JosiahParry]

I think I am running into this issue myself. But unlike @julien-leclercq, I am not as confident in my abilities to handcraft requests with reqwest 🙈

I am running into the following error which sounds an awful lot like what is described in this issue.

[src/web/oauth.rs:75:9] &user_res = Err(
    OpenIdConnect(Parse(Error { path: Path { segments: [] }, original: Error("Failed to parse payload JSON: Error(\"data did not match any variant of untagged enum Timestamp\", line: 1, column: 488)",

When i remove the profile scope I am able to get the claims successfully