I’ve tried the below using $_COOKIE and $_SESSION also, and they both have the exact same issue - I call the header(location) in the redirect PHP script and it correctly redirects to the origin page but with no login session even though this is post login…
Why is the login breaking when using these methods? Is it as I’m not verifying state?
My login file:
<?php
require DIR . ‘/vendor/autoload.php’;
use Auth0\SDK\Auth0;
setcookie('redirect_url', $_SERVER['HTTP_REFERER'], time() + (86400 * 30), "/");
my domain, token etc.
$redirect_uri = "http://localhost:3000/auth/redirect.php";
$audience = "";
if($audience == ''){
$audience = 'https://' . $domain . '/userinfo';
}
$auth0 = new Auth0([
'domain' => $domain,
'client_id' => $client_id,
'client_secret' => $client_secret,
'redirect_uri' => $redirect_uri,
'audience' => $audience,
'scope' => 'openid profile',
'persist_id_token' => true,
'persist_access_token' => true,
'persist_refresh_token' => true,
]);
\Firebase\JWT\JWT::$leeway = 2400000;
$auth0->login();
My redirect page:
<?php
echo "Thank you for using us, redirecting you...";
$redirect = $_COOKIE['redirect_url'];
header('Location: '.$redirect);
?>
What is the issue here? Please help 