internal: Add .auth0.com to broken domains Auth0 does not support `client_id` in basic auth **without** a `client_secret` but they do support one or both in the body. Auth0 also uses account specific subdomains, so needs to be in the domain suffix broken handling. Change-Id: I06abec5c228c746b8b90758f452016eeb67f3e98 Reviewed-on: https://go-review.googlesource.com/70010 Reviewed-by: K.J. Valencik <kjvalencik@gmail.com> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>

commit: a032972e28060ca4f5644acffae3dfc268cc09db [log] [tgz]
author: Paul Tyng <paul@paultyng.net> Wed Oct 11 13:22:33 2017 -0400
committer: Brad Fitzpatrick <bradfitz@golang.org> Fri Jan 26 16:49:32 2018 +0000
tree: 7d241414cd5ca0c143e81f67ddedb17b8ee5ff69
parent: b28fcf2b08a19742b43084fb40ab78ac6c3d8067 [diff]
diff --git a/internal/token.go b/internal/token.go
index 881fbef..e7d078f 100644
--- a/internal/token.go
+++ b/internal/token.go

@@ -128,6 +128,7 @@
 
 // brokenAuthHeaderDomains lists broken providers that issue dynamic endpoints.
 var brokenAuthHeaderDomains = []string{
+	".auth0.com",
 	".force.com",
 	".myshopify.com",
 	".okta.com",
commit	a032972e28060ca4f5644acffae3dfc268cc09db	[log] [tgz]
author	Paul Tyng <paul@paultyng.net>	Wed Oct 11 13:22:33 2017 -0400
committer	Brad Fitzpatrick <bradfitz@golang.org>	Fri Jan 26 16:49:32 2018 +0000
tree	7d241414cd5ca0c143e81f67ddedb17b8ee5ff69
parent	b28fcf2b08a19742b43084fb40ab78ac6c3d8067 [diff]