Facing login issue as "Authentication failed" when login (through PingFed oauth2.0) app in canvas iframe. Meanwhile app is working fine in browser(UI) side. We have the app working in salesforce as well as iframe. might be cookie is not set properly or behave properly in iframe canvas app.
I try to login(using the pingfed oauth 2.0) the app in canvas iframe in salesforce. I want it should be login properly as it is login properly into UI browser side. When i put my credentials in login page. login through pingFed oauth2.0. when i clicked on login I'm getting "Authentication failed". But the same functionlity working in UI browser. I'm able to login(through PingFed oauth2.0) in my UI side. But not able to do same in canvas iframe in salesforce
I'm having this in my function for auth/login
res.cookie(
"verifier", verifier, {
maxAge: tenMins,
httpOnly: true,
domain,
path:"/",
secure: true,
sameSite: "none"
});
const state = crypto.randomBytes(16).toString('base64').replace('==', '');
res.cookie("state", state, {
maxAge: tenMins,
httpOnly: true,
domain,
path:"/",
secure: true,
sameSite: "none"
});
const nonce = crypto.randomBytes(16).toString('base64').replace('==', '');
res.cookie("nonce", nonce, {
maxAge: tenMins,
httpOnly: true,
domain,
path:"/",
secure: true,
sameSite: "none"
});
const query = querystring.stringify({
client_id: process.env.REACT_APP_AUTH_CLIENT_ID,
response_type: "code",
state: state,
scope: process.env.REACT_APP_AUTH_SCOPE,
nonce: nonce,
code_challenge: challenge,
redirect_uri: process.env.REACT_APP_AUTH_REDIRECT_URL,
code_challenge_method: "S256",
});
res.redirect(
`${process.env.REACT_APP_AUTH_URL}?` + query
);