Can not get the access token on Firefox browser

Question

Can not get the access token on Firefox browser

giangbv1984 opened this issue a year ago · 6 comments

giangbv1984 commented a year ago

Checklist

The issue can be reproduced in the auth0-react sample app (or N/A).
I have looked into the Readme, Examples, and FAQ and have not found a suitable solution or answer.
I have looked into the API documentation and have not found a suitable solution or answer.
I have searched the issues and have not found a suitable solution or answer.
I have searched the Auth0 Community forums and have not found a suitable solution or answer.
I agree to the terms within the Auth0 Code of Conduct.

Description

Unable to get access token due to cookie policy on Firefox browser.
Error message:
Some cookies are incorrectly using the recommended attribute “SameSite“ 5
Cookie “auth0.qZh0xCOCcama7KQbjk7ZnioQerH8uRDq.organization_hint” does not have the appropriate “SameSite” attribute value. Going forward, cookies without the “SameSite” attribute or with an invalid value will be considered “Lax”. This means that cookies will no longer be sent in a third-party context. If your application depends on this cookie being available in such contexts, please add the “SameSite=None” attribute to it. To know more about the “SameSite” attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite @auth0_auth0-react.js:789:22
Cookie “auth0.qZh0xCOCcama7KQbjk7ZnioQerH8uRDq.organization_hint” does not have the appropriate “SameSite” attribute value. Going forward, cookies without the “SameSite” attribute or with an invalid value will be considered “Lax”. This means that cookies will no longer be sent in a third-party context. If your application depends on this cookie being available in such contexts, please add the “SameSite=None” attribute to it. To know more about the “SameSite” attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite @auth0_auth0-react.js:789:22
Cookie “_legacy_auth0.qZh0xCOCcama7KQbjk7ZnioQerH8uRDq.organization_hint” does not have the appropriate “SameSite” attribute value. Going forward, cookies without the “SameSite” attribute or with an invalid value will be considered “Lax”. This means that cookies will no longer be sent in a third-party context. If your application depends on this cookie being available in such contexts, please add the “SameSite=None” attribute to it. To know more about the “SameSite” attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite @auth0_auth0-react.js:789:22
Cookie “auth0.qZh0xCOCcama7KQbjk7ZnioQerH8uRDq.is.authenticated” does not have the appropriate “SameSite” attribute value. Going forward, cookies without the “SameSite” attribute or with an invalid value will be considered “Lax”. This means that cookies will no longer be sent in a third-party context. If your application depends on this cookie being available in such contexts, please add the “SameSite=None” attribute to it. To know more about the “SameSite” attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite 2 @auth0_auth0-react.js:789:22
Cookie “_legacy_auth0.qZh0xCOCcama7KQbjk7ZnioQerH8uRDq.is.authenticated” does not have an appropriate “SameSite” attribute value. Going forward, cookies without the “SameSite” attribute or with an invalid value will be considered “Lax”. This means that cookies will no longer be sent in a third-party context. If your application depends on this cookie being available in such contexts, please add the “SameSite=None” attribute to it. To know more about the “SameSite” attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite

Reproduction

Unable to get access token due to cookie policy on Firefox browser.

Additional context

No response

auth0-react version

2.1.0

React version

17.02

Which browsers have you tested in?

Firefox

Answer 1 · 2023-11-28T09:24:21.000Z

I dont see how that could cause the issue you mention. The cookie “auth0.qZh0xCOCcama7KQbjk7ZnioQerH8uRDq.organization_hint” is ment for local access only, and should not be sent to a server. So the warning should not cause issues with the functionality.

I assume something else is going on. Do you have third party cookies blocked?

Answer 2 · 2023-11-28T09:54:05.000Z

I dont see how that could cause the issue you mention. The cookie “auth0.qZh0xCOCcama7KQbjk7ZnioQerH8uRDq.organization_hint” is ment for local access only, and should not be sent to a server. So the warning should not cause issues with the functionality.

I assume something else is going on. Do you have third party cookies blocked?

I do not use a cookie blocker. However, this error only appears on Firefox

Answer 3 · 2023-11-28T10:10:44.000Z

On Chrome, I still see the auth0 cookie being added to memory, however on Firefox it is not. So getting the access token failed.

Answer 4 · 2023-11-28T10:13:00.000Z

Please provide a reproduction so we can look into this, as the information provides is insufficient for us to act accordingly. Once we have a reproduction we can look into this.

You can use https://github.com/auth0-samples/auth0-react-samples to help reproduce this, ensure to provide us with either a forked version that reproduces the issue, or clear reproduction steps on how to reproduce it in that sample.

Answer 5 · 2023-11-28T10:15:43.000Z

Please provide a reproduction so we can look into this, as the information provides is insufficient for us to act accordingly. Once we have a reproduction we can look into this.

You can use https://github.com/auth0-samples/auth0-react-samples to help reproduce this, ensure to provide us with either a forked version that reproduces the issue, or clear reproduction steps on how to reproduce it in that sample.

Okay, will soon.

Answer 6 · 2023-12-07T07:47:56.000Z

Closing, can reopen if you have a reproduction.