Following the Add Token Renewal quick start I implemented this:
this.auth0.checkSession({}, (err, authResult) ...
But when I tested it both err
and authResult.idToken
were coming back null
.
Upon further investigation I did notice that authResult.scope
was also null
.
I compared this to the authResult.scope
returned by this.auth0.parseHash
(during ‘normal’ login) and observed that it is was "openid"
.
I was able to resolve the issue by adding some additional options to our new auth0.WebAuth(...)
initializer. Previously it had had solely:
responseType: "token"
But I changed this to:
responseType: "token id_token",
scope: 'openid'
And now it works. So:
Is this a bug? Surely the returned authResult.idToken
should be consistent between parseHash(..)
and checkSession(..)
(for a given new auth0.WebAuth(...)
?