Comments (4)
Thanks for reaching out, I am not sure I fully understand how to reproduce this, can you please elaborate on the exact reproduction steps?
I tried the following:
- Call loginWithRedirect, this does not use local storage but does use session storage. Emulating this throwing an exception works as expected and I get an expection without being redirected to Auth0. So for me, this is already where it ends, I am not redirected to Auth0, I don't get any white page, and I get a clear error in the console (the own thrown by sessionStorage.setItem).
Just to be clear, what I did was instead of calling sessionStorage.setItem
, I used throw new DOMException('TEST - CAN NOT WRITE TO LOCAL STORAGE');
, and this is the output:
Even though this is not using a real quota exceeded error, this simulates the same situation when setItem
would throw any error upon calling loginWithRedirect
.
I am testing with the Simulacrum Auth.0 simulator,
I am not aware of this and have never used it. I do not think it should impact the issue at hand here, but I do recommend trying with real Auth0 just to be sure.
from auth0-spa-js.
Thanks for reaching out, I am not sure I fully understand how to reproduce this, can you please elaborate on the exact reproduction steps?
I tried the following:
* Call loginWithRedirect, this does not use local storage but does use session storage. Emulating this throwing an exception works as expected and I get an expection without being redirected to Auth0. So for me, this is already where it ends, I am not redirected to Auth0, I don't get any white page, and I get a clear error in the console (the own thrown by sessionStorage.setItem).
Hm. Perhaps I was running into Firefox edge cases or session storage quota bugs when local storage was near capacity. I have thousands of keys and a years-old Firefox profile, so perhaps it was gremlins. In any case, sadness.
One thing I did not think to note in my original bug report was that I annoy the user by asking them to grant persistent storage before allocating localstorage by using navigator.storage.persist. Looking at how much storage I am granted when I try to allocate all the space, it seems that I am allowed to get over 9MB. If Firefox is letting me allocate so much, and the quotas are supposed to be 5MB for session and 5MB for local, I'm probably being allowed to impinge on session storage's quota?! That seems like a bug, but I'm happy about that because I get so much more storage. Can you tell me, assuming this bug is intended behavior, how much space should I reserve from the 10MB quota for Auth.0? I don't believe I have any other Session Storage consumers than Auth.0, so I will give you whatever you require with padding.
Here is what I see in terms of free space right now.
I am testing with the Simulacrum Auth.0 simulator,
I am not aware of this and have never used it. I do not think it should impact the issue at hand here, but I do recommend trying with real Auth0 just to be sure.
Oh, it would be smashing if you gave us a first-party localhost auth.0 simulator! A simulator lets me do TDD and integration testing without needing the internet or your servers. Think about the extra sneaky market advantages you would have by improving the developer experience that way! ;) There's a very good reason why Dynamo has a Dynamo Local and why Azure had to catch up with their Azure Cosmos Emulator.
I had to jump through fiery hoops to automate the Simulacrum Auth.0 Simulator and it only simulates the login and token flows. Would love to also have mock Auth.0 Management API's for my server side instead of wiremocking them myself, probably imprecisely compared to what you would produce.
from auth0-spa-js.
I cant tell you how much storage you should account for, as you can put all kind of things in your token that are outside of our control.
Regarding the local solution, feel free to pass feedback on https://auth0.com/feedback.
Alternativly, u can use node-oidc-provider to spin up a local oidc server and interact with that for your tests, we do the same for our integration tests.
from auth0-spa-js.
Ok, it sounds like I have a lot of control over how much session storage is used.
Thanks for the tip, I will bookmark node-oidc-provider and investigate when I return to server-side testing.
I will close this ticket, but please reopen if you need anything from me. Thanks for looking into this.
from auth0-spa-js.
Related Issues (20)
- "Misconfiguration in the system or a service outage" error in Auth0 HOT 3
- prompt in authorizationParams is not getting override. It is coming none even if it is set to other value like login. HOT 7
- Sophos Cyber Security Endpoint detects ransomware in the package HOT 3
- Total Cookie Protection breaks auth HOT 2
- Angular SSR window.crypto HOT 1
- User without Organization Membership caused infitine login redirect loop HOT 2
- NullInjectorError HOT 1
- Use '.well-known/openid-configuration' to configure Auth0Provider (Auth0Client) calls HOT 6
- Clarify limits for checkSession method HOT 7
- React Quickstart causing error upon clicking the login button HOT 2
- organization option of Auth0Client.getTokenSilently function is unexpectedly reuse previous value HOT 4
- Make getTokenSilently Generic HOT 2
- Support `getAccessTokenSilently` for multiple audiences in parallel HOT 1
- auth0-spa-js for multipage app? HOT 3
- Suport for multi tab sessions HOT 5
- Add configuration option for custom transaction storage
- LoginWithPopup doesn't work in Microsoft Word add-in on Mac HOT 3
- Extra redirect on silent login after upgrade to v2 HOT 9
- Implicit return in auth0-spa-js/src/cache /cache-manager.ts when TS "noImplicitReturns" is set to true HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from auth0-spa-js.