Electron application and renew token with checkSession


I was totally confused at the moment. I went through almost all threads on your forum and trough documentation many times, but still, I’m not sure that I understand how should I implement authorization in electron application and have the possibility to use checkSession from Auth0-js SDK which will be used for renewing expired token if the session is active for that user on Auth0.

So, I already had Auth0 lock library version 10.20.0 and authentication worked in electron as it is expected. We didn’t use checkSession and token was stored in localStorage.

Now we wanted to renew token if user has valid session on auth0 and we used auth0-js checkSession method and it worked perfectly during development, because in development application was run in webpack server on localhost:3000, but on production windows build it is on file protocol. ( file:/// ).

So, now when production app starts it thrown error:
1. code:“origin_mismatch”
2. description:“The redirectUri’s origin (http://localhost:3000) should match the window’s origin (file://).”
3. error:“origin_mismatch”
4. error_description:“The redirectUri’s origin (http://localhost:3000) should match the window’s origin (file://).”

I tried to change redirectUri in my Auth0 initialisation piece of code to ‘file:///’ but it doesn’t work. Then I’m getting an error from Auth0 on /authorize endpoint with status code 400.

Then I found this:

But it explain just how PKCE flow could be implemented and on that way we should solve only authorization, but still there will be an issue regarding silent authentication or renewing a token with a checkSession that is recommended way by you in your documentation. We will have the same problem with redirectUri and file protocol.

Any ideas?