- Which SDK this is regarding: auth0-angular
- SDK Version: 1.3.1
- Platform Version:
  - @angular/common: 11.0.5
  - @angular/core: 11.0.5
  - @angular/platform-browser: 11.0.5
- Code Snippets/Error Messages/Supporting Details/Screenshots:
The authorization code flow ends successfully and I got the tokens (id + authorization) as expected, but at the end of the flow the Angular router redirects me to “/”. Details follow.
After the login on Auth0, my browser is redirected to the expected URL (the one I configured in the “callback url” in the app setup page on auth0.com) with code and state as query string parameters.
After that I see in the network tab the /oauth/token POST and an HTTP 200 response from Auth0 with the tokens in the response body (I tried the tokens with Postman challenging my API and they work great).
A few moments later I see the content of my router-outlet changing from the route of the callback URL to the route “/”.
I included the source maps of auth0 in my build and I found the lines of code where the router points to “/”:
```typescript
private handleRedirectCallback(): Observable<RedirectLoginResult> {
  return defer(() => this.auth0Client.handleRedirectCallback()).pipe(
    tap((result) => {
      const target = result?.appState?.target ?? '/';
      this.navigator.navigateByUrl(target);
    })
  );
}
```
In my case appState is undefined.
Going deeper, the appState is a property of the transaction object. Looking at the creation of the object:
```typescript
this.transactionManager.create({
  nonce: nonceIn,
  code_verifier,
  appState,
  scope: params.scope,
  audience: params.audience || 'default',
  redirect_uri: params.redirect_uri,
  ...(organizationId && { organizationId })
});
```
I can say that the appState is undefined during the creation of the transaction.
Below is the return value of the function handleRedirectCallback:
```typescript
return {
  appState: transaction.appState
};
```
which in my case is always undefined.
Configuration details on auth0:
- Configured callback url: http://localhost:4200/login/callback
- Allowed logout URL: http://localhost:4200/login/init
- Allowed web-origins: http://localhost:4200/login/init
Below is the configuration in my app.module:
```typescript
AuthModule.forRoot({
  domain: environment.auth.issuer,
  clientId: environment.auth.clientId,
  audience: environment.auth.audience,
  redirectUri: 'http://localhost:4200/login/callback',
  errorPath: 'http://localhost:4200/login/callback',
  scope: 'openid profile email offline_access',
  useRefreshTokens: true,
  httpInterceptor: {
    allowedList: [
      {
        uri: environment.api.endpoints.base + '/*',
        tokenOptions: {
          audience: environment.auth.audience,
        },
      },
    ],
  }
})
```
Can someone help me?
If you need any further details please feel free to ask.
Thank you.
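
A simplified model of the round trip described in the post, added here as an example; it is not part of the original post and not the SDK's code. `TransactionStore`, `resolveTarget`, the `state-N` values and the `/dashboard` target are hypothetical names. It shows that the callback can only hand back the appState stored when the login redirect began, so a login started without one resolves to “/”.

```typescript
// Simplified model of the login transaction round trip
// (hypothetical names, not the SDK's implementation).
interface AppState { target?: string }
interface Transaction { appState?: AppState }

class TransactionStore {
  private byState: Record<string, Transaction> = {};
  private counter = 0;

  // Called when the login redirect starts: whatever appState the caller
  // supplies here is the only appState the callback will ever see.
  create(appState?: AppState): string {
    const state = `state-${++this.counter}`; // constructed value, not random
    this.byState[state] = { appState };
    return state;
  }

  // Called on the callback URL: a transaction can be consumed only once.
  consume(state: string): Transaction | undefined {
    const tx = this.byState[state];
    delete this.byState[state];
    return tx;
  }
}

// Mirrors the fallback quoted in the post: result?.appState?.target ?? '/'
function resolveTarget(store: TransactionStore, state: string): string {
  const tx = store.consume(state);
  if (!tx) {
    throw new Error('No transaction for this state value');
  }
  return tx.appState?.target ?? '/';
}

const store = new TransactionStore();

// Login started without appState: the callback falls back to '/'.
const withoutTarget = resolveTarget(store, store.create());

// Login started with a target: the callback navigates there instead.
const withTarget = resolveTarget(store, store.create({ target: '/dashboard' }));

console.log(withoutTarget, withTarget);
```

In auth0-angular the appState is supplied by the caller in the options passed to `loginWithRedirect`, for example `{ appState: { target: '/dashboard' } }`.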