datatools-ui icon indicating copy to clipboard operation
datatools-ui copied to clipboard
verified publisher icon ibi-group

Auth0 returns a stale userInfo

Open aguiraf opened this issue 6 years ago • 1 comments

Observed behavior

Watch/Unwatch button doesn't mantain the correct state; this is because data retrieved from auth0 /userinfo call is not updated with last modifications, despite app_metadata on auth0 user profile gets correctly updated

Expected behavior

UI gets updated with app_metadata modifications

Steps to reproduce the problem

  • click watch button on FeedViewer manager page (the app_metadata gets updated on Auth0)
  • navigate to the feed's project page (/userinfo is called BUT retrieve stale data)
  • navigate back to the feed page: the button still show "watch" even if it should show "unwatch"

Any special notes on configuration used

We found this enlightening thread on Auth0 forum: https://community.auth0.com/t/auth0-returns-a-stale-userinfo/13030/6 TLDR: /userinfo endpoint retrieve historical data from the latest authentication point in time

Version of datatools-ui and datatools-server if applicable

  • dev brench on both server and ui
  • using a new Auth0 tenant

aguiraf avatar Jul 23 '19 13:07 aguiraf

I can replicate this problem as well, thanks for identifying this. I'm not sure what's a great solution for this at the moment. We do intend to replace how we are storing subscriptions/permissions in the app_metadata object with a new collection in the datatools-server MongoDB that contains user information, which would entirely solve this issue. But if you do have a solution in the meantime, we're happy to accept a PR.

landonreed avatar Jul 25 '19 15:07 landonreed