hi @thameera
how do i use the state from the login flow before the action after validating the token
b/c now the states match on calling the continue endpoint
but it doesn’t match the original state used in the beginning of the universal login (i assume)
as i use a different new state for the login redirection but once it passes the continue route successfully, it gets redirected to ********.com/api/auth/callback… with an error in the URL for a redirection error and the state used in the redirection and not the normal state that was sent in the beginning of the regular login flow which is what could be causing the error - generic error page that just says
“This page is not working, if problem contact site owner”
made the change to the state you suggested and it worked better so ill just show the action code to ask whether there is anything to change there
thanks again!
AUTH0 ACTION
exports.onExecutePostLogin = async (event, api) => {
try {
const isPaid = event.user.app_metadata.isPaid;
if (event.stats.logins_count !== 1 && isPaid) {
return;
} else {
if (event.user.app_metadata.stripe_customer_id) {
const sessionToken = api.redirect.encodeToken({
secret: event.secrets.NEW_STATE,
payload: {
customerId: event.user.app_metadata.stripe_customer_id,
},
});
console.log(sessionToken)
// Redirect the user to the Stripe checkout page with session_token query parameter
api.redirect.sendUserTo('https://www.***************.com/checkout', {
query:
{
session_token: sessionToken,
redirect_uri: `https://**********.us.auth0.com/continue`,
},
});
}
}
} catch (error) {
console.log(error.message);
api.access.deny(
"We could not create your account, problem with stripe redirection.\n" +
"Please contact support for assistance."
);
}
};
exports.onContinuePostLogin = async (event, api, ) => {
try {
let decodedToken;
decodedToken = api.redirect.validateToken({
secret: event.secrets.NEW_STATE,
tokenParameterName: 'state',
});
// Check if the algorithm is correct
// Now you can use the decoded token as needed
console.log(decodedToken);
// Set the app metadata if needed
api.user.setAppMetadata('isPaid', true);
} catch (error) {
console.log('Error receiving and validating the token and with using the continue endpoint');
return api.access.deny('Error occurred during redirect.');
}
};
getting an error in my auth0 logs blurring out all sensitive info
{
"date": "2023-11-22T02:10:39.933Z",
"type": "f",
"description": "Error occurred during redirect.",
"connection": "Username-Password-Authentication",
"connection_id": "**************************",
"client_id": "**************************",
"client_name": "**************************",
"ip": "**************************",
"user_agent": "**************************",
"details": {
"body": {},
"qs": {
"state": "**************************"
},
"connection": "Username-Password-Authentication",
"error": {
"message": "Error occurred during redirect.",
"oauthError": "Error occurred during redirect.",
"type": "access_denied"
},
"session_id": "**************************",
"actions": {
"executions": [
"**************************"
]
},
"stats": {
"loginsCount": 47
}
},
"hostname": "**************************.us.auth0.com",
"user_id": "**************************",
"user_name": "**************************",
"strategy": "auth0",
"strategy_type": "database",
"audience": "https://**************************.us.auth0.com/**************************",
"scope": [
"openid",
"profile",
"email"
],
"log_id": "**************************",
"_id": "**************************",
"isMobile": false,
"id": "**************************"
}