Following the Add Token Renewal quick start I implemented this:
this.auth0.checkSession({}, (err, authResult) ...
But when I tested it both err and authResult.idToken were coming back null.
Upon further investigation I did notice that authResult.scope was also null.
I compared this to the authResult.scope returned by this.auth0.parseHash (during ‘normal’ login) and observed that it is was "openid".
I was able to resolve the issue by adding some additional options to our new auth0.WebAuth(...) initializer. Previously it had had solely:
responseType: "token"
But I changed this to:
responseType: "token id_token",
scope: 'openid'
And now it works. So:
Is this a bug? Surely the returned authResult.idToken should be consistent between parseHash(..) and checkSession(..) (for a given new auth0.WebAuth(...) ?