I’m running into a significant issue when trying to verify the token that is stored in the “in-memory” web worker when running my app in Safari standalone mode on iOS 13.
Here’s the status of my situation right now. Safari is working on the mobile browser version. I make a request to my API and before that request goes out, the `getTokenSilently` method is run, the Auth0 SPA SDK recognizes that I’m using refresh tokens and makes a call to the `oauth/token` endpoint to exchange tokens. I get my new token back, stuff it in the header of my request and then I get my data back. Everything is working fine from that perspective.
However, when I run that same part of the app in standalone mode on the iPhone, I get a “Login Required” error back. I did some debugging and traced through the code in standalone mode and this is the result of my findings. The Auth0 SDK is:
- Recognizing that I’m using refresh tokens
- Redirecting me to the `_getTokenUsingRefreshToken` method
- Attempting to locate the tokens that are stored in the web worker
- Not recognizing that my tokens are stored and then reverting to using the `_getTokenFromIFrame`
I’ve read I think all of the documentation there is including forums on Auth0 and Safari ITP and haven’t really come to a good consensus of what I should be doing. My Auth0 client config is below
```javascript
authClient = new Auth0Client({
  domain: getConfigVar("PWA_AUTH_0_DOMAIN"),
  client_id: getConfigVar("PWA_AUTH_0_CLIENT_ID"),
  audience: getConfigVar("PWA_AUTH_0_AUDIENCE"),
  redirectUri: getRedirectUrl(),
  scope: "offline_access",
  cacheLocation: "memory",
  useRefreshTokens: true
});
```
When running the `getTokenSilently` method I pass in `token` as an extra scope:

```javascript
getTokenSilently({ scope: "token" })
```
I’ve tried a few things:
- Using `localstorage` instead of `memory` for storing the tokens
- Added an `offline_access` scope to the Auth0 client initialization to get a refresh token back right away
It’s also interesting to note that as it stands right now, I’ve tested the application out with all major browsers on desktop and mobile phones and also with the standalone mode for android devices and everything is working as expected. The only trouble I’m running into is in Standalone mode for Safari iOS.
Any advice on how to fix this would be greatly appreciated!
Thanks!
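An added example, not part of the original post and not Auth0's own code: one way to handle the `login_required` rejection described above is to wrap `getTokenSilently` and fall back to an interactive `loginWithRedirect` instead of surfacing the error to the API call. It assumes SDK errors carry an OAuth error code in `err.error` (including `timeout`); `getApiToken`, `classifyTokenError`, `makeStubClient` and the `returnTo` app-state field are hypothetical names, and the stub client is constructed sample input.

```javascript
// Added example. `client` is any object exposing getTokenSilently() and
// loginWithRedirect(), as the Auth0 SPA SDK client does.

// OAuth/OIDC error codes meaning "no usable session without user interaction".
const INTERACTIVE_ERRORS = new Set([
  "login_required", "consent_required", "interaction_required",
]);

// Decide what to do with a rejection from getTokenSilently().
// Assumption: the rejection carries the error code in `err.error`.
function classifyTokenError(err) {
  const code = err && typeof err.error === "string" ? err.error : "";
  if (INTERACTIVE_ERRORS.has(code)) return "interactive-login";
  if (code === "timeout") return "retry"; // transient, worth one more try
  return "fatal";
}

// Get a token silently; retry once on timeout, and start an interactive
// login when both the cached refresh token and the iframe fallback fail.
async function getApiToken(client, options, returnTo) {
  for (let attempt = 0; attempt < 2; attempt++) {
    try {
      return { token: await client.getTokenSilently(options), redirected: false };
    } catch (err) {
      const action = classifyTokenError(err);
      if (action === "retry" && attempt === 0) continue;
      if (action === "interactive-login") {
        // `returnTo` is a hypothetical app-state field used after the callback.
        await client.loginWithRedirect({ appState: { returnTo } });
        return { token: null, redirected: true };
      }
      throw err; // unknown failure or second timeout: let the caller see it
    }
  }
}

// Constructed stub: rejects with each queued error, then returns a token.
function makeStubClient(failures, token = "constructed-token") {
  const redirects = [];
  return {
    redirects,
    async getTokenSilently() {
      if (failures.length) throw failures.shift();
      return token;
    },
    async loginWithRedirect(opts) { redirects.push(opts); },
  };
}
```

With an in-memory cache the interactive path runs whenever the app starts without cached tokens and the silent iframe request is refused, so the return path after login should restore the view that triggered the API call.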