Hello! I’ve been studying ‘auth0-spa-js’ and the Vue QuickStart. I can see on the official code sample that we intend for the Auth0 Client to be instantiated in the
created() method of the Vue Plugin that wraps the core
auth0-spa-js functionality. So far so good.
My problem is that this is conflicting with Stripe’s OAuth integration for Stripe Connect on Safari. Stripe Connect redirects the authenticated user from Stripe back to my SPA with its own ‘?code=‘ and ‘?state=‘ and these Stripe query params get lost… somewhere in the intersection of silent auth trying to renew the session, Safari’s treatment of redirects, and using the same query params twice (for Stripe and for Auth0’s redirect). They get uri encoded and then can’t seem to be unencoded by Safari automatically and they’re dropped, and by the time the dust settles the Stripe params are gone from the URL.
I’m thinking I could solve the problem by having a special route that doesn’t attempt silent auth so I can capture Stripe’s code and state before silent auth sweeps them away. What is the best way to adjust the official example so that it won’t attempt silent auth for a specific route? Maybe move the Auth0 Client instantiation into the Vue Router?