为什么 Auth0.js 在 Passwordless/Verify 上给我有效负载验证错误 "None of the valid schemas were met" 和 "Missing required property"?
Why is Auth0.js giving me payload validation errors "None of the valid schemas were met" and "Missing required property" on Passwordless/Verify?
我的 SPA 客户端正在使用 Auth0.js 无密码 Start/Verify 流程来验证用户。我的身份验证回调页面收到以下有效负载验证错误。我已验证 Auth0 仪表板中存在用于 SMS 连接的用户,并且 SPA 客户端已启用 SMS 连接。
错误:
https://localhost:9001/auth/callback#error=access_denied&error_description=
Payload%20validation%20error%253A%20'None%20of%20the%20valid%20schemas%20were%20met'
.%20Inner%20errors%253A%20%5B%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20blocked'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20email_verified'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20email'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20verify_email'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20phone_number'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20phone_verified'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20verify_phone_number'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20password'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20verify_password'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20user_metadata'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20app_metadata'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20username'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20client_id'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20groups'
.%20%5D.&state=statehash
Auth0 初始化:
this.auth0 = new auth0.WebAuth({
audience: `https://${authSettings.domain}/userinfo`,
clientID: authSettings.checkoutClientId,
domain: authSettings.domain,
redirectUri: authSettings.checkoutCallbackUrl,
responseType: 'token id_token',
scope: 'openid email profile'
});
无密码启动:
this.auth0.passwordlessStart({
connection: 'sms',
send: 'code',
phoneNumber: phoneNumber,
authParams: {
responseType: 'token id_token',
scope: 'openid email profile'
}
}
无密码验证:
this.auth0.passwordlessVerify({
connection: 'sms',
phoneNumber: phoneNumber,
verificationCode: confirmationCode,
type: 'sms',
authParams: {
responseType: 'token id_token',
scope: 'openid email profile'
}
}
"missing required parameters" 甚至对 passwordless/verify 的调用都没有意义。
事实证明错误实际上是在自定义 Auth0 规则中引发的,但仅通过身份验证回调出现。
具体来说,我们有一个名为 auth0.users.updateAppMetadata 和 auth0.users.updateUserMetadata 的规则,它们显然不适用于无密码 SMS 连接。
我的 SPA 客户端正在使用 Auth0.js 无密码 Start/Verify 流程来验证用户。我的身份验证回调页面收到以下有效负载验证错误。我已验证 Auth0 仪表板中存在用于 SMS 连接的用户,并且 SPA 客户端已启用 SMS 连接。
错误:
https://localhost:9001/auth/callback#error=access_denied&error_description=
Payload%20validation%20error%253A%20'None%20of%20the%20valid%20schemas%20were%20met'
.%20Inner%20errors%253A%20%5B%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20blocked'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20email_verified'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20email'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20verify_email'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20phone_number'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20phone_verified'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20verify_phone_number'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20password'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20verify_password'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20user_metadata'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20app_metadata'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20username'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20client_id'
.%20(also)%20Payload%20validation%20error%253A%20'Missing%20required%20property%253A%20groups'
.%20%5D.&state=statehash
Auth0 初始化:
this.auth0 = new auth0.WebAuth({
audience: `https://${authSettings.domain}/userinfo`,
clientID: authSettings.checkoutClientId,
domain: authSettings.domain,
redirectUri: authSettings.checkoutCallbackUrl,
responseType: 'token id_token',
scope: 'openid email profile'
});
无密码启动:
this.auth0.passwordlessStart({
connection: 'sms',
send: 'code',
phoneNumber: phoneNumber,
authParams: {
responseType: 'token id_token',
scope: 'openid email profile'
}
}
无密码验证:
this.auth0.passwordlessVerify({
connection: 'sms',
phoneNumber: phoneNumber,
verificationCode: confirmationCode,
type: 'sms',
authParams: {
responseType: 'token id_token',
scope: 'openid email profile'
}
}
"missing required parameters" 甚至对 passwordless/verify 的调用都没有意义。
事实证明错误实际上是在自定义 Auth0 规则中引发的,但仅通过身份验证回调出现。
具体来说,我们有一个名为 auth0.users.updateAppMetadata 和 auth0.users.updateUserMetadata 的规则,它们显然不适用于无密码 SMS 连接。