
How to redirect users to unique callback url after authentication?


I'm using Lock and Django to authenticate my users. Whenever it's done, I'd like to redirect them to the same page they were on. The problem is that my URLs have a unique UUID and I can't list all of them under Allowed Callback URLs. I originally had two ways to do so:

  1. Specifying callback URLs in Lock's redirectUrl parameter - Problem: Callback URL mismatch. (can't specify each new unique URL in Allowed Callback URLs)

  2. Specifying my unique URLs to Lock and POSTing them, then receiving them back from Auth0 along with the user information, so I can use them to redirect the user. - Problem: I don't think such a feature exists. (EDIT: it does, see answer.)

Is there any way I can achieve this?


Solution

  • After more research, solution number 2 is possible: Auth0 allows us to send custom encoded data through the state parameter, which can be retrieved from the callback.

    For the most basic cases the state parameter should be a nonce as shown in the example below. But this field can also be a Base64 encoded JSON object that can hold multiple values such as a return URL.

    More information can be found at this link: https://auth0.com/docs/protocols/oauth2/oauth-state
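
One way to build and check such a state value on the Django side, as an added example that is not part of the original post: the state carries a session-bound nonce plus the return path, and the callback accepts the path only if the nonce matches and the path is a same-site relative URL. The session is modelled as a plain dict, and the names `build_state`, `resolve_redirect`, `is_safe_path`, `auth0_nonce` and the `/` fallback are assumptions.

```python
import base64
import hmac
import json
import secrets
from urllib.parse import urlsplit

DEFAULT_REDIRECT = "/"        # assumption: fallback page on this site
SESSION_KEY = "auth0_nonce"   # assumption: session key name


def is_safe_path(path):
    """Allow only same-site relative paths such as /docs/<uuid>/."""
    if not isinstance(path, str) or not path.startswith("/"):
        return False
    # Reject //host, /\host and control characters browsers may strip.
    if path.startswith("//") or "\\" in path or any(ord(c) < 0x20 for c in path):
        return False
    parts = urlsplit(path)
    return not parts.scheme and not parts.netloc


def build_state(session, return_to):
    """Return the state value to send with the login request."""
    nonce = secrets.token_urlsafe(32)
    session[SESSION_KEY] = nonce  # bound to this browser session
    if not is_safe_path(return_to):
        return_to = DEFAULT_REDIRECT
    payload = json.dumps({"nonce": nonce, "return_to": return_to})
    return base64.urlsafe_b64encode(payload.encode()).decode()


def resolve_redirect(session, state):
    """Return the path to redirect to, or None if state must be rejected."""
    expected = session.pop(SESSION_KEY, None)  # single use
    try:
        payload = json.loads(base64.urlsafe_b64decode(state.encode()))
        nonce = payload["nonce"].encode()
    except (ValueError, AttributeError, TypeError, KeyError):
        return None
    if not expected or not hmac.compare_digest(nonce, expected.encode()):
        return None
    # State is not signed or encrypted, so re-validate the path on return.
    return_to = payload.get("return_to")
    return return_to if is_safe_path(return_to) else DEFAULT_REDIRECT
```

The Allowed Callback URLs list then needs only the single fixed callback endpoint; the per-page UUID path travels inside the state and is checked before the final redirect.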