Conversation
`this.setState` can't work without the component context
ice-chillios
left a comment
ice-chillios
left a comment
There was a problem hiding this comment.
@fabien0102 Thanks for updating :) I've gone into native solution at the end because nobody was responding...
main.js
Outdated
| client_id: auth0ClientId, | ||
| response_type: 'token', | ||
| response_type: 'id_token', | ||
| nonce: 'alongrandomstringtopreventtokenreplayattacks', |
There was a problem hiding this comment.
Maybe this should be handled by exactly random string? :) Auth0 example seems to be handling this in nicer way :)
There was a problem hiding this comment.
I wanted to keep this PR simple, but yeah a random string store into asyncStorage is better for production requirements ;) So as you want, I can add this security part or not
|
Normally now it's working and it's really secured! I let @charlesvinette make the real integration test (it's his account on this example) |
main.js
Outdated
| } | ||
|
|
||
| _loginWithAuth0 = async () => { | ||
| async _loginWithAuth0() { |
There was a problem hiding this comment.
Why You've changed arrow functions into normal ones? When you are changing this from arrow you do not have a this context. That's why you have to .bind(this) at the top in this._handleAuth0Redirect call :)
There was a problem hiding this comment.
Good to know, I just would to uniformise all functions style ^^ So back to arrow functions!
charlesvinette
left a comment
charlesvinette
left a comment
There was a problem hiding this comment.
Hello guys!
Thanks for helping out with the example. With the recent release of Expo SDK 21, we released a new module called AuthSession (https://docs.expo.io/versions/latest/sdk/auth-session.html) to facilitate Auth flow with Webbrowsers, such as Auth0. From now on, I would suggest using this approach, as seen in this PR that I am about to review -> #10. Once again, thanks for your involvement and let me know what you think of the new module!
|
Nice! I have just finished to test this pattern into my own playground app ^^ I will try this new expo module tomorrow! BTW, I close this PR 😉 |
|
@fabien0102 Glad to hear it! Have a good day and let me know if I can be of any help |
|
@charlesvinette
|
|
Hey @fabien0102 ! Can you share your code where you initiate the |
|
@charlesvinette Thanks for this point. I made a PR ( #11 ) to add the missing nonce (and my local is exactly the same as this example for this part, it's not yet public but soon 😉 ). I think it can works with turning on the OIDC part without nonce (but I'm really not sure and I prefer not play with this button ^^)
|
3 participants
ref #6
Hello everybody,
the Auth0 API seams to have changed since this example (no more
id_tokenin the basic response), so this is my fixes after some researches and tests.Please note that I've fixed the context of the handler, I can make another PR for this if needed 😉
Auth0 doc ref:
https://auth0.com/docs/api-auth/intro#implicit-grant