Two potential bugs regarding bookmarking apps?

[pmoulos]

Hi,

Firstly, thanks for this excellent package! It made the whole auth0 setup so much easier and also gave ideas how to use httr with other authentication services.

Now, I think I have identified, two, if not bugs, then potential enhancements:

1. When using bookmarks, Shiny adds _state_id_ in the bookmark URL. If we then logout (through the logout_url function for example), the logout redirect URI that is created contains _state_id_. If the user immediately logs back again, the previous bookmark is restored. I am not sure whether this is a desired behaviour. What if another user logs in with other credentials? Maybe I am missing some technical details here, but from my perspective this is not desirable and I implemented a fix by simply reconstructing the redirect URI without _state_id_ in.

2. When using the remote_url parameter (in _auth0.yml) for deployment in a remote server and enforcing local is not an option because it would complicate other things (e.g. when using Apache mod_proxy to avoid displaying the Shiny port), bookmarks are not restored. Again, I 've implemented a fix/addition for this.

I 've forked the package and implemented these fixes/additions. You can review here.

If you think it's ok I could create a PR?

Thanks again.

[jtrecenti]

Hi @pmoulos , thank you so much for the fixes!

I tried to install the package and it did not install. Apparently, it has some parenthesis/curly braces missing.

I've added them and successfully installed the package, but then I tried to run a simple app (the "logout" example) and it threw an error from mapply() operation.

Could you fix these please? Thanks again!

[pmoulos]

Hi @jtrecenti,

Sorry for the typos, it initially worked but seems I missed something from the comitted version.
I believe I fixed them. Could you please check? The "logout" app is working for me.

By the way, another thing that may need clarification in the docs is that if _auth0.yml has remote_url configured, this should not end with a slash (/) as auth0 URL parsing system seems to completely ignore the whole query (found out here).

Thanks again for all the work.

[pmoulos]

Hi @jtrecenti!
Did you have the chance to review the latest changes?
Thanks!

[jtrecenti]

Hi, actually I didn't have time to look at it carefully, sorry about that. I'll manage to do so in the next few weeks

…

On Mon, Feb 3, 2020, 02:38 Panagiotis Moulos ***@***.***> wrote: Hi @jtrecenti <https://github.com/jtrecenti>! Did you have the chance to review the latest changes? Thanks! — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#60?email_source=notifications&email_token=AAK4EMRBJDRWR7LN2CXENEDRA7X2ZA5CNFSM4KGGDVY2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEKTKUVY#issuecomment-581347927>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAK4EMXCP4UFTBDRWB437MTRA7X2ZANCNFSM4KGGDVYQ> .

[Kvit]

could this be related to #62?

[pmoulos]

Hi @Kvit,
It could be. Can you check if my fork fixes this?
Thanks.

[Kvit]

Hi @Kvit,
It could be. Can you check if my fork fixes this?
Thanks.

AWESOME, yes, it solves the problem, thanks a ton!

[Kvit]

There is an issue though: somewhere in process URL parameters become URL-decoded and this breaks the URL. For example, try parameter like/?param=two%20words , it will become /?param=two words