SDK:
@auth0/auth0-react v. 1.1.0
The withAuthenticationRequired method accepts a claimCheck prop.
This is used here:
const routeIsAuthenticated = isAuthenticated && claimCheck(user);
The problem is the following.
Suppose we have a protected route /protected-route and we want users that are missing a certain claim to be navigated away from this route towards some other route let’s say /home (i.e. in the case that the claimCheck callback resolves to false). At the same time, we want users that do have this claim to be redirected back to this route (after the authentication flow).
As it stands now, the same returnTo prop is used in either case:
const opts = {
...loginOptions,
appState: {
...loginOptions.appState,
returnTo: typeof returnTo === 'function' ? returnTo() : returnTo,
},
};
(async (): Promise<void> => {
await loginWithRedirect(opts);
})();
This leads to infinite loop behaviour since we’re treating the claimCheck false case effectively the same as a non-authenticated user (from a returnTo prespective).
I propose we provide an altReturnTo prop to enable the app to redirect users to some other route specifically for the case that claimCheck(user) resolves to false.
The point is to be able to distinguish between these two cases:
isAuthenticated && claimCheck(user)isAuthenticated && !claimCheck(user)