Getting "Unable to configure verification page" when trying to integrate with React Native

michaelfarnik · February 27, 2020, 5:34pm

Hey,

We built a web app a while ago which uses Auth0 Lock on the front end and Passport.js on the back end for authentication. It works fine and we’re now building a companion React Native app that would connect to the same server but we’re having some problems there.

Our authentication flow, which already works in the web app via Lock, is this (see code below for details):
1: POST /authenticate
2: GET /authorize - with a redirect_url set to our server’s callback endpoint
3: log in on the server and redirect back to the client

I went through all the network traffic that happens when using Lock and replicated it manually in our app, including all the query/request body content. For step two, we open the site with the built-in React Native in-app web browser. That then redirects us to the server, however it redirects there with the error mentioned above.

I realize this might sound convoluted and if someone has a better idea for authenticating with a React Native app in combination with Passport.js, I’d be happy to use that instead.

Here’s the code (from a Redux Saga, hence the yield statements):
const response = yield call(Axios, {
method: ‘post’,
url: https://${auth0Domain}/co/authenticate,
headers: {
origin: ‘http://localhost:3000’,
referer: ‘http://localhost:3000/login’,
},

      data: {
        client_id: auth0ClientId,
        username: email,
        password: password,
        realm: 'FortMorgan',
        credential_type: 'http://auth0.com/oauth/grant-type/password-realm',
      },
    });

    const redirectUrl = AuthSession.getRedirectUrl();

    const result = yield call(
      AuthSession.startAsync,
      {
        authUrl: `https://${auth0Domain}/authorize?${qs.stringify(
          {
            client_id: auth0ClientId,
            response_type: 'code',
            redirect_uri: `${apiUrl}/auth/callback?redirectUrl=${redirectUrl}`,
            scope: 'openid profile email',
            audience: `https://${auth0Domain}/userinfo`,
            connection: 'FortMorgan',
            state: response.data.co_verifier,
            realm: 'FortMorgan',
            login_ticket: response.data.login_ticket,
            auth0Client: /* text I got from the requests made by Lock */,
          },
        )}`,
      },
    );

What can I do to debug this further? Also, can I open a Ticket for tech support? I remember doing that for another issues some time ago but now it looks like you can only open Tickets for things like billing. Overall does anyone have any ideas as to what to do next?