Redirect to signup view on hosted Lock page using Auth0AuthenticationProvider

Hello!

I’m using the Auth0AuthenticationProvider (nuget package) to jack Auth0 authentication into my Owin app.
The login/signup form is the Auth0 hosted Lock page.

When prompting a user to authorize themselves using the ChallengeResult class (HttpUnauthorizedResult) in the Login action the user is correctly redirected to the login screen on the hosted login page.

Now I want to be able to also redirect the user directly to the signup screen of the hosted login page. Browsing the documentation for Lock I came across the “initialScreen : login/signUp/forgotPassword” parameter that is used when configuring Lock. Can this parameter be passed to the Lock application on the hosted login page from the Owin Auth0AuthenticationProvider? I’ve tried passing the parameter to the /userinfo endpoint but I have a feeling this is not the correct way to do it, and it does not work.

Below the Owin config:

// domain, clientid and client secret configuration
....
Provider =  new Auth0AuthenticationProvider
                {
                    OnApplyRedirect = context =>
                    {
                        string userInfoAudience = $"https://{MyAuth0Domain}/userinfo";
                        string redirectUri = context.RedirectUri + "&audience=" + WebUtility.UrlEncode(userInfoAudience);

                        if (context.Properties.Dictionary.ContainsKey("InitialScreen"))
                        {
                            redirectUri += "&initialScreen=" + context.Properties.Dictionary["InitialScreen"]; // "signUp"
                        }
                        
                        context.Response.Redirect(redirectUri);
                    },
... some other event handlers

Any advice would be appreciated!

1 Like

I was just about to post a similar question as I didn’t find any info on this yesterday. :slight_smile:

My only client (so far) is using SAML - as a proof of concept I added the following code to the lock config on the hosted page:
initialScreen: new URL(window.location.href).searchParams.get(“initialScreen”),
… and manually added &initialScreen=forgotPassword at the end of the URL I’m being redirected to.
Still have to figure out how to get the app to append the param as you’re already doing.

So perhaps this would solve your scenario as you’re already appending the value to the URL?

-Tolli

Tolli,

I tried your suggestion and it worked. Thank you!
I’d think that there would be some built in logic in Lock to handle these configuration options by passing url parameters (like redirectUrl), but I guess this will work too.

Best,
Jesper

Great to hear! :slight_smile:

I totally agree - was expecting this to be a bit more straight-forward. Hoping someone will pitch in with more info…

-Tolli

Be warned that the above does not work with MS Edge or Internet Explorer at this time. I’ve changed to using the following, and then accessing parameters like parsed_qs.initialScreen.

function parse_query_string(query) {
var vars = query.split(“&”);
var query_string = {};
for (var i = 0; i < vars.length; i++) {
var pair = vars[i].split(“=”);
var key = decodeURIComponent(pair[0]);
var value = decodeURIComponent(pair[1]);
// If first entry with this name
if (typeof query_string[key] === “undefined”) {
query_string[key] = decodeURIComponent(value);
// If second entry with this name
} else if (typeof query_string[key] === “string”) {
var arr = [query_string[key], decodeURIComponent(value)];
query_string[key] = arr;
// If third or later entry with this name
} else {
query_string[key].push(decodeURIComponent(value));
}
}
return query_string;
}

var parsed_qs = parse_query_string(window.location.href.split('?')[1]);

Thanks for the heads up! I realized this the other day when testing on Safari on OSX.

I changed the code to something similar you suggested, and it’s working as expected.