Auth0: /authorize endpoint when not logged in

[headly48]

Using the auth0-spa-js when calling the method getAccessTokenSilently while not logged in the simulation server responds with "server error" and a http status of 500.

This causes the promise returned from getAccessTokenSilently to never be resolved.

When calling the real Auth0 in this scenario the endpoint returns a http status of 200 and getAccessTokenSilently promise is rejected with the error

error: "login_required" error_description: "Login required" message: "Login required"

[headly48]

The Server Error seems to be originating from the web-message handler where it checks if the session contains a username.

[dagda1]

@headly48 thanks for bringing this up.

Do you have any code you can share about how you got to the point where getAccessTokenSilently is called while not authenticated?