I’m trying to upgrade from Lock 9 to Lock 11 for a Rails app with embedded login. Everything worked correctly with Lock 9, but now I am unable to get the redirect to work.
When the login dialog pops up I enter the username and password and the user does authenticate. I can tell this by looking at the logs in the Auth0 dashboard (Success cross origin authentication) and I also get an updated dialog that says “Thanks for logging in”. However, nothing happens after this.
The “Thanks for logging in” dialog just stays there and there is no attempt to redirect to the callback.
Here are my settings (some information has been changed to XXXX for privacy):
    lock = new Auth0Lock('<%= Rails.application.secrets.auth0_client_id %>', '<%= Rails.application.secrets.auth0_domain %>');
In my view:
    lock.show(
      {
        allowAutocomplete: true,
        allowShowPassword: true,
        avatar: null,
        loginAfterSignUp: false,
        allowSignUp: false,
        autoclose: true,
        auth: {
          audience: "https://XXXX.auth0.com/userinfo",
          redirect: true,
          redirectUrl: "http://localhost:3000/auth/auth0/callback",
          responseType: "code",
          params: {
            scope: "openid email profile"
          }
        }
      }
    );
config/initializers/auth0.rb
    Rails.application.config.middleware.use OmniAuth::Builder do
      provider(
        :auth0,
        ENV['AUTH0_CLIENT_ID'],
        ENV['AUTH0_CLIENT_SECRET'],
        ENV['AUTH0_DOMAIN'],
        callback_path: '/auth/auth0/callback',
        authorize_params: {
          scope: 'openid email profile',
          audience: 'https://XXXX.auth0.com/userinfo'
        }
      )
    end
PLEASE NOTE: I had to change “http://” to “http…” in the links below since I can only put 3 links in a post (weird).
I do have “http…localhost:3000/auth/auth0/callback” listed in both “Allowed Callback URLs” and “http…localhost:3000” in “Allowed Web Origins”.
Oddly, I am required to have “http…localhost:3000/” in the Callback URL section, although I’m trying to go to “http…localhost:3000/auth/auth0/callback”; otherwise I get a “Failed cross origin authentication” error in the logs.
I’m not sure, but it appears that Auth0 is trying to redirect to “http…localhost:3000/” instead of “http…localhost:3000/auth/auth0/callback”.
Has anyone else encountered this issue? Any help would be appreciated. I’ve been trying to get this to work for 3 days.