search

auth0 / auth0-flutter

Auth0 SDK for Flutter
https://pub.dev/documentation/auth0_flutter/latest/
Apache License 2.0
59 stars 39 forks source link

Failed to get Credentials After Successful Web Redirect Login #294

Closed KingUgochukwu closed 1 year ago

KingUgochukwu commented 1 year ago

Checklist

Description

Hello Auth0 devs,

I am having an issue where I am unable to load the credentials after using the redirect method on the Auth0Web class and need some guidance on how to solve this issue

To start my auth process on web I call the login and attempt to return my credentials like this. I expect the credentials if its successful or an exception on failure. 

await _auth0Web.loginWithRedirect(
            audience: auth0Audience,
            scopes: authScopes['auth'],
            redirectUrl: auth0Redirect);

return Right(await _auth0Web.credentials());

I also run the onLoad function on when the app is loaded to attempt to get the redirect 

    if (kIsWeb) {
      final creds = await _auth0Web.onLoad();
      if (creds != null) {
        return creds;
      } else {
        return _auth0Web.credentials();
      }
    }

Would like to know if there is something I am doing wrong with the implementation of this method

  final creds = await _auth0Web.onLoad();

returns null

and
return _auth0Web.credentials();

always throws a │ ⛔ login_required: Multifactor authentication required exception

even after the user has completed the MFA in the redirect redirect.

using popups works without a hitch

 final result = await _auth0Web.loginWithPopup(
          audience: auth0Audience,
          scopes: authScopes['auth'],
        );
        return Right(result);

Reproduction

  1. Authorize user with Redirect on web platform
  2. Attempt to load credentials after successful auth

Additional context

No response

auth0_flutter version

^1.2.1

Flutter version

3.7.10

Platform

Web

Platform version(s)

No response

Widcket commented 1 year ago

Hi @KingUgochukwu, thanks for raising this.

Can you reproduce this in the sample app?

KingUgochukwu commented 1 year ago

@Widcket Thanks for your response. I have noticed that this behavior is replicable in the example only if I specify the audience for the login request. 

      if (kIsWeb) {
        return auth0Web.loginWithRedirect(
            redirectUrl: 'http://localhost:8081',
            audience: dotenv.env['AUTH0_AUDIENCE']);
      }

Running on the sample app I actually get logs for this issue. 

ChromeProxyService: Failed to evaluate expression 'GetTokenSilentlyOptions': InternalError: Expression evaluation in async frames is not supported. No frame with index 16..
Error: login_required: Multifactor authentication required
dart-sdk/lib/_internal/js_dev_runtime/private/ddc_runtime/errors.dart 266:49  throw_
packages/auth0_flutter/src/web/auth0_flutter_plugin_real.dart 128:7           credentials$
dart-sdk/lib/_internal/js_dev_runtime/patch/async_patch.dart 60:31            <fn>
dart-sdk/lib/async/zone.dart 1665:54                                          runBinary
dart-sdk/lib/async/future_impl.dart 162:22                                    handleError
dart-sdk/lib/async/future_impl.dart 779:46                                    handleError
dart-sdk/lib/async/future_impl.dart 800:13                                    _propagateToListeners
dart-sdk/lib/async/future_impl.dart 575:5                                     [_completeError]
dart-sdk/lib/async/future_impl.dart 666:7                                     callback

FYI, the MFA has already been successfully completed by the user when this message comes in and this only comes about if the audience is specified. Logging in with a popup utilizing the same audience value does not lead to any issues.

Thanks for your time

Widcket commented 1 year ago

Hi @KingUgochukwu, please check out https://github.com/auth0/auth0-flutter/issues/298#issuecomment-1663066140.

Widcket commented 1 year ago

Closing as I think the above answers your question. Please feel free to ping if you'd prefer to reopen.