Auth0 Home Blog Docs

Cannot find where to set redirectUrl

lock
auth0

#1

I have an ASP.NET MVC application which is using Auth0 and hosted Lock v11. Right now I’m having an issue with the redirects once a user authenticates with Lock. No matter what I do, the callbackURL is always
http://localhost:53474/signin-auth0
I would like to pass a the return URL from my application to Lock, but I can’t figure out how to set it. Here are some of the relevant snippets from my application.

From my OnAuthorization method:
filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary { { “action”, “Login” },
{ “controller”, “Account” },
{ “returnUrl”, filterContext.HttpContext.Request.Url}
});

From my account controller:
[AllowAnonymous]
public ActionResult Login(string returnUrl)
{
return new ChallengeResult(“Auth0”, returnUrl ?? Url.Action(“Index”, “Home”));
}

And here is the @@config@@ JSON object that I receive in my Lock hosted page:
{
“assetsUrl”: “”,
“auth0Domain”: “.auth0.com”,
“auth0Tenant”: “”,
“clientConfigurationBaseUrl”: “strippedforlinklimit”,
“callbackOnLocationHash”: false,
“callbackURL”: “http://localhost:53474/signin-auth0”,
“cdn”: “strippedforlinklimit”,
“clientID”: “myclientid”,
“connection”: “”,
“dict”: {
“signin”: {
“title”: “My App”
}
},
“extraParams”: {
“protocol”: “oauth2”,
“response_type”: “code”,
“scope”: “openid profile”,
“audience”: “strippedforlinklimit”,
“_csrf”: “csrftoken”,
“_intstate”: “deprecated”,
“state”: “thestate”
},
“internalOptions”: {
“protocol”: “oauth2”,
“response_type”: “code”,
“scope”: “openid profile”,
“audience”: “strippedforlinklimit”,
“_csrf”: “csrftoken”,
“_intstate”: “deprecated”,
“state”: “thestate”
},
“widgetUrl”: “strippedforlinklimit”,
“isThirdPartyClient”: false,
“authorizationServer”: {
“url”: “strippedforlinklimit”,
“issuer”: “strippedforlinklimit”
}
}

And part of my hosted page:
auth: {
redirectUrl: config.callbackURL,


#2

I apologize for the formatting, but I can’t seem to edit my post to fix it.


#3

I have a very similar issue. The redirect URL should be saved in the state parameter and come back and get decoded with the Auth0.OWIN dll but something is interfering with it it seems: https://stackoverflow.com/questions/50917945/url-redirection-using-auth0s-state-parameter-in-owin-doesnt-work