My authentication with React hooks works fine with the Auth0 universal login. Once logged in, then navigate to a protected page and visit a signed URL which points to a Google Cloud storage signed url the content (like a PDF) opens up in the same window. Once I try to navigate back within the browser, then I prompted to login again.
I have even whitelisted this location (google.storageapis.com/…) in the Allowed Callback URLs
and Allowed Web Origins on my application dashboard at Auth0.
The solution for me would be one of the two following.
- Force to open the content in a new tab of the same browser without any security vulnerabilities. If I understand well, a target as “_blank” might be that one. So then the user can navigate back to the application easily by changing tabs.
- Solve the redirect back to the same page where the content link was sitting.
I am using React router "react-router": "4.3.1", "react-router-dom": "4.3.1"
The app is created by create-react-app, and version is "^16.8.6"