search

JamesRandall / react-azure-adb2c

Looking for a maintainer - if interested please get in touch in issue #13
MIT License
45 stars 58 forks source link

Repeat login redirects in incognito browser #37

Open jdillman1989 opened 4 years ago

jdillman1989 commented 4 years ago

I have a react-router-dom Route set up to require authentication as per the package's documentation:

    import React from 'react';
    import { Route, BrowserRouter as Router, Switch } from 'react-router-dom';
    import authentication from 'react-azure-adb2c';
    import Home from '../Home';
    import Products from '../Products';

    authentication.initialize({
      instance: 'https://login.microsoftonline.com/tfp/',
      tenant: process.env.REACT_APP_AAD_DOMAIN,
      signInPolicy: process.env.REACT_APP_AAD_POLICY_ID,
      applicationId: process.env.REACT_APP_AAD_CLIENT_ID,
      scopes: [process.env.REACT_APP_AAD_SCOPES],
      cacheLocation: 'sessionStorage',
      redirectUri: process.env.REACT_APP_URL,
      postLogoutRedirectUri: process.env.REACT_APP_URL,
    });

    function App() {
      return (
        <Router>
          <Switch>
            <Route exact path="/" component={Home} />
            <Route
              exact
              path="/products"
              component={authentication.required(Products)} // require login to access /products
            />
          </Switch>
        </Router>
      );
    }

    export default App;

This works as expected in a normal browser window, the user clicks a link to /products, gets redirected to an Azure AD B2C login page, gets pushed back to the app on login, and then redirected to /products.

But in an incognito browser, when the user gets pushed back to the app after login, they get redirected back to the Azure login page a second time. If they log in again with the second prompt, then they get pushed to /products, as they should have the first time.

Wondering if this has been an issue for anyone else using this package?