I believe there is a bug with the SLAS helpers, specifically the ones that deals with redirect callbacks: authorize and loginRegisteredUserB2C.
Currently these two helpers will throw an error if the response status is not 303. However, on the browser environment, we always follow the redirect and by following the redirect, the response status will not be 303, but the response from the actual callback endpoint, which is likely a 200 or something. Screenshot below shows that the callback 200 causes the helpers to throw.
Problematic code:
const response = await slasClientCopy.authenticateCustomer(options, true);
// when the redirect is followed on the browser, status will not be 303
// and the if statement will always evaluate to true and throws error
if (response.status !== 303) {
throw new ResponseError(response);
}
Secondly, there are two scenarios when we need to throw errors:
when SLAS API returns error, which the status code is >= 400.
when the redirect callback has an error query string /callback?error=invalid_request <- this is not handled!
The PR fixes the above two issues.
I've tested the solution on my PWA testing project and it seems the issue is gone with the changes in this PR.
Hey team,
I believe there is a bug with the SLAS helpers, specifically the ones that deals with redirect callbacks:
authorizeandloginRegisteredUserB2C.Currently these two helpers will throw an error if the response status is not 303. However, on the browser environment, we always follow the redirect and by following the redirect, the response status will not be 303, but the response from the actual callback endpoint, which is likely a 200 or something. Screenshot below shows that the callback 200 causes the helpers to throw.
Problematic code:
Secondly, there are two scenarios when we need to throw errors:
/callback?error=invalid_request<- this is not handled!The PR fixes the above two issues.
I've tested the solution on my PWA testing project and it seems the issue is gone with the changes in this PR.