search

auth0 / react-native-auth0

React Native toolkit for Auth0 API
https://auth0.com
MIT License
493 stars 209 forks source link

screen_hint: "signup" is not reliable -- apple logins in particular #926

Open mprevdelta opened 4 months ago

mprevdelta commented 4 months ago

Checklist

Description

So after consulting the examples for a "signup" workflow I found the "screen_hint" option which can be used to (usually) direct a user to the signup mode of the Lock screen.

This is important for our users as many fail to find the "signup" option on Auth0's default lock, so we use this to explicitly send them there.

For password logins this seems to work fine, but for Apple logins on iPhone's, this prompt seems to fail after the user has logged in once.

Reproduction

  1. Login with the Apple social login
  2. Use any combination of clearCredentials and/or clearSession to log the user out.
  3. Invoke authorize() with screen_hint="login" in additionalParameters
  4. User automatically logs in as the Apple user from step 1.

Additional context

No response

react-native-auth0 version

3.2.1

React Native version

0.74.2

Expo version

51

Platform

iOS

Platform version(s)

14

mprevdelta commented 4 months ago

The root issue here may be the clearCredentials() and clearSession() don't fully clear the session.

If I manually invoke the logout through WebBrowser it seems to more fully clear the session and the signup hint correctly applies...

const params = {
  client_id: AUTH0_CLIENT_ID
};

const queryParams = toQueryString(params);
const logoutUrl = `https://${AUTH0_DOMAIN}/v2/logout/${queryParams}`;
await WebBrowser.openAuthSessionAsync(logoutUrl, {
  dismissButtonStyle: 'done',
  showInRecents: false,
  readerMode: true
});