Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Auth0: Authentication Session Not Persisting Across Tabs #451

Open
tzachbaksis opened this issue Jun 28, 2023 · 1 comment
Open

Auth0: Authentication Session Not Persisting Across Tabs #451

tzachbaksis opened this issue Jun 28, 2023 · 1 comment
Assignees
@sqrrrl

Comments

@tzachbaksis
Copy link

I have encountered an issue with the OAuth2 library in Google Apps Script, specifically related to the persistence of the authentication session across different tabs or browser instances. When using the provided authentication flow with Auth0, I noticed that after logging in through my Gmail add-on, the authentication session does not persist when opening a new tab or browser instance.

Expected Behavior:

When logging in to app without the add-on, the authentication session remains active, and opening a new tab or browser instance does not require reauthentication.
The same behavior is expected when logging in through the Gmail add-on, where the authentication session should persist across tabs or browser instances.

Observed Behavior:

After logging in through the Gmail add-on, opening a new tab or browser instance prompts me to authenticate again when accessing mywebsite.com.
This behavior is inconsistent with the expected behavior observed when logging in without the add-on.

Code sample:

var scopes = ['openid', 'profile', 'email', 'offline_access']

function getService() {
  return OAuth2.createService('auth')
    .setAuthorizationBaseUrl('https://{auth0 custom domain}/authorize')
    .setTokenUrl('https://{auth0 custom domain}/oauth/token')
    .setClientId(MY_CLIENT_ID)
    .setScope(scopes.join(' '))
    .setCallbackFunction('authCallback')
    .setCache(CacheService.getUserCache())
    .setPropertyStore(PropertiesService.getUserProperties())
    .setParam('audience', MY_AUDIENCE)
    .setParam('response_type', 'code')
    .setParam('response_mode', 'query')
    .setParam('prompt', 'login')
}
  1. Is it possible to persist the authentication session across tabs or browser instances when using the OAuth2 library in Google Apps Script with Auth0?
  2. Does achieving session persistence require specific configuration settings within Auth0?
  3. Are Auth0 session cookies utilized to maintain the authentication session across different tabs or browser instances?

Thanks in advance
@erickoledadevrel
Copy link
Contributor

It looks like you are setting the cache and property store correctly:

.setCache(CacheService.getUserCache())
.setPropertyStore(PropertiesService.getUserProperties())

There may be a small delay between when cache writes are reflected in cache reads, but it should be short enough to not matter. Does waiting a minute before opening the new window change anything?

What code are you using to determine if the user needs to authenticate again? Could it be that there is an error in that logic?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sqrrrl sqrrrl

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@sqrrrl @erickoledadevrel @tzachbaksis