Problem statement
An application that was built using @auth/auth-angular version 1.11.1 was recently updated to use the latest version of the SDK ( version 2.x.x ).
After upgrading the @auth0/angular dependency in the application, it appeared to successfully complete the first phase of authentication, using either the Auth0 database or social providers. However, the overall transaction failed to complete and the following error was observed:
server_error : Unable to issue redirect for OAuth 2.0 transaction
This failure mode also seems to generate a TIMEOUT error when trying to silently get an access token.
Symptoms
server_error : Unable to issue redirect for OAuth 2.0 transactionerror
Cause
The failure may be due to missing or incorrect configuration items:
- When configuring the auth0 client, it is now necessary to explicitly specify the Redirect URI. This was not required in older versions.
authorizationParamsmay be absent or incorrectly defined
Solution
Review the Migration guide, paying special attention to the section on authorizationParams.
Here is a sample code that illustrates this issue:
AuthModule.forRoot({
cacheLocation: "localstorage",
clientId: AG_OIDC_CLIENT_ID,
domain: AG_OIDC_DOMAIN,
httpInterceptor: {
allowedList: [httpInterceptorPath],
},
useRefreshTokens: true,
authorizationParams: {
audience: AG_OIDC_AUDIENCE,
redirect_uri:your_redirect_uri
},
}),
Note how it is a requirement to specify the Redirect URI and that failure to do so will result in an error being thrown.