Hi There,
I’m fairly new to Auth0 and OAuth.
I’m working on integrating a Auth0-php in a WordPress Plugin using the authorization code flow.
All seems fine, until I’m redirected back to WordPress and then I receive the following error:
Uncaught Auth0\SDK\Exception\CoreException: Invalid state in /Applications/MAMP/htdocs/test-woocommerce/wp-content/plugins/phauth0/vendor/auth0/auth0-php/src/Auth0.php:559
Also shown in the screenshot is a state mismatch between the $_SESSION and the query paramamter in the URL
I’ve looked at several topics simular to this but none seem to fix my issue, also none mention the state mismatch issue either.
Any help is greatly appriciated!
function __construct() {
$this->auth0_domain = get_option('auth0_domain');
$this->auth0_client_id = get_option('client_id');
$this->auth0_client_secret = get_option('client_secret');
$this->auth0_redirect_uri = get_option('redirect_uri');
$this->auth0_audience = get_option('audience');
$this->client = new Auth0([
'domain' => $this->auth0_domain,
'client_id' => $this->auth0_client_id,
'client_secret' => $this->auth0_client_secret,
'redirect_uri' => $this->auth0_redirect_uri,
'scope' => 'read:users',
'audience' => $this->auth0_audience,
'persist_user' => true,
'persist_access_token' => true,
'persist_refresh_token' => true,
'persist_id_token' => true,
// 'state_handler' => false // this should be true
]);
$this->login_url = $this->client->getLoginUrl( );
$this->admin = new Admin( $this, $this->login_url );
// $this->generate_token();
}
Regards,
Tom