Ensure organization hint cookie is removed in loginWithPopup

auth0 · Sep 6, 2021 · 98dda60 · 98dda60
1 parent 714e80f
commit 98dda60
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 0 deletions.
diff --git a/__tests__/Auth0Client/helpers.ts b/__tests__/Auth0Client/helpers.ts
@@ -150,7 +150,9 @@ export const loginWithRedirectFn = (mockWindow, mockFetch) => {
       customCallbackUrl
     } = processDefaultLoginWithRedirectOptions(testConfig);
     await auth0.loginWithRedirect(options);
+
     const redirectMethod = options?.redirectMethod || 'assign';
+
     expect(mockWindow.location[redirectMethod]).toHaveBeenCalled();
 
     if (error && errorDescription) {

diff --git a/__tests__/Auth0Client/loginWithPopup.test.ts b/__tests__/Auth0Client/loginWithPopup.test.ts
@@ -614,6 +614,20 @@ describe('Auth0Client', () => {
       );
     });
 
+    it('removes the organization hint cookie if no org_id claim was returned in the ID token', async () => {
+      const auth0 = setup();
+
+      await loginWithPopup(auth0);
+
+      expect(<jest.Mock>esCookie.remove).toHaveBeenCalledWith(
+        `_legacy_auth0.${TEST_CLIENT_ID}.organization_hint`
+      );
+
+      expect(<jest.Mock>esCookie.remove).toHaveBeenCalledWith(
+        `auth0.${TEST_CLIENT_ID}.organization_hint`
+      );
+    });
+
     it('saves `auth0.is.authenticated` key in storage for an extended period', async () => {
       const auth0 = setup({
         sessionCheckExpiryDays: 2

diff --git a/src/Auth0Client.ts b/src/Auth0Client.ts
@@ -478,6 +478,8 @@ export default class Auth0Client {
         this.orgHintCookieName,
         decodedToken.claims.org_id
       );
+    } else {
+      this.cookieStorage.remove(this.orgHintCookieName);
     }
   }