I’m using the Auth0AuthenticationProvider (nuget package) to jack Auth0 authentication into my Owin app.
The login/signup form is the Auth0 hosted Lock page.
When prompting a user to authorize themselves using the ChallengeResult class (HttpUnauthorizedResult) in the Login action the user is correctly redirected to the login screen on the hosted login page.
Now I want to be able to also redirect the user directly to the signup screen of the hosted login page. Browsing the documentation for Lock I came across the “initialScreen : login/signUp/forgotPassword” parameter that is used when configuring Lock. Can this parameter be passed to the Lock application on the hosted login page from the Owin Auth0AuthenticationProvider? I’ve tried passing the parameter to the /userinfo endpoint but I have a feeling this is not the correct way to do it, and it does not work.
Below the Owin config:
// domain, clientid and client secret configuration
....
Provider = new Auth0AuthenticationProvider
{
OnApplyRedirect = context =>
{
string userInfoAudience = $"https://{MyAuth0Domain}/userinfo";
string redirectUri = context.RedirectUri + "&audience=" + WebUtility.UrlEncode(userInfoAudience);
if (context.Properties.Dictionary.ContainsKey("InitialScreen"))
{
redirectUri += "&initialScreen=" + context.Properties.Dictionary["InitialScreen"]; // "signUp"
}
context.Response.Redirect(redirectUri);
},
... some other event handlers
I was just about to post a similar question as I didn’t find any info on this yesterday.
My only client (so far) is using SAML - as a proof of concept I added the following code to the lock config on the hosted page:
initialScreen: new URL(window.location.href).searchParams.get(“initialScreen”),
… and manually added &initialScreen=forgotPassword at the end of the URL I’m being redirected to.
Still have to figure out how to get the app to append the param as you’re already doing.
So perhaps this would solve your scenario as you’re already appending the value to the URL?
I tried your suggestion and it worked. Thank you!
I’d think that there would be some built in logic in Lock to handle these configuration options by passing url parameters (like redirectUrl), but I guess this will work too.
Be warned that the above does not work with MS Edge or Internet Explorer at this time. I’ve changed to using the following, and then accessing parameters like parsed_qs.initialScreen.
function parse_query_string(query) {
var vars = query.split(“&”);
var query_string = {};
for (var i = 0; i < vars.length; i++) {
var pair = vars[i].split(“=”);
var key = decodeURIComponent(pair[0]);
var value = decodeURIComponent(pair[1]);
// If first entry with this name
if (typeof query_string[key] === “undefined”) {
query_string[key] = decodeURIComponent(value);
// If second entry with this name
} else if (typeof query_string[key] === “string”) {
var arr = [query_string[key], decodeURIComponent(value)];
query_string[key] = arr;
// If third or later entry with this name
} else {
query_string[key].push(decodeURIComponent(value));
}
}
return query_string;
}
var parsed_qs = parse_query_string(window.location.href.split('?')[1]);