feat(auth): add option to disable idp oauth flow #13373
Open
+124
−12
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of changes
Amplify supports two types of oauth flows in V5 "IDP (initiated by provider)" and "SP (initiated by client)". Since IDP flow is initiated outside of Amplify we uses a global urlListener to handle the oauth response when the url query params contain
code
,access_token
orerror
.However even if the app isn't redirected from HostedUI but contains the the url query params
code
,access_token
orerror
, the global urlListener is hit and the url is replaced with the redirectSignIn urlSolution
Amplify.configure()
to optionally disable IDP initiated flow to avoid calling the global urlListeneramplify-sp-initiated-oauth-inFlight
flag in local storageIssue #, if available
Description of how you validated changes
Tested the following flows
idpEnabled
in Amplify.configureidpEnabled: true
and ignored whenidpEnabled: false
idpEnabled: false
Checklist
yarn test
passesBy submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.