auth-module
auth-module copied to clipboard
Published
20 hours ago •
nuxt-community
nuxt-community
code_verifier missing on subsequent page requests
Version
module: 5.0.0-1617968180.f699074 nuxt: 2.15.3
Nuxt configuration
mode:
- [X] universal
- [ ] spa
Nuxt configuration
auth: {
redirect: {
login: '/',
callback: '/',
home: '/',
},
strategies: {
local: false,
auth0: {
clientId: process.env.AUTH0_CLIENT_ID,
codeChallengeMethod: 'S256',
domain: process.env.AUTH0_DOMAIN,
grantType: 'authorization_code',
responseType: 'code',
scope: ['offline_access'],
},
},
},
Reproduction
Here is a repo with Nuxt and @nuxtjs/auth-next showing the issue. If you configure this with Auth0, log in, and refresh the page, the /oath/token request on the refresh will fail.
https://github.com/CoreyT355/token-issue
What is expected?
Page refreshes pass the code_verifier to the token endpoint and verify succesffuly.
What is actually happening?
The code_verifier is missing, and the request to the token endpoint fails with a 403
Steps to reproduce
Pull my repo, yarn install, and configure an auth0 application for PKCE.
Additional information
Checklist
- [X] I have tested with the latest Nuxt version and the issue still occurs
- [X] I have tested with the latest module version and the issue still occurs
- [X] I have searched the issue tracker and this issue hasn't been reported yet
Hi @CoreyT355 We are facing the same issue. Did you found the solution of it?
