fix: concurrent credential storage errors by preventing unnecessary state updates #1302
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
subhankarmaiti
changed the title
pmathew92
approved these changes
Sep 12, 2025
|
Hi @subhankarmaiti , Were you able to reproduce the mentioned issue? |
|
@pmathew92, we can handle it on the native sdk as well and restrict to call |
subhankarmaiti
deleted the
fix/prevent-concurrent-credential-storage-errors
branch
Merged
NandanPrabhu
added a commit
that referenced
this pull request
Sep 29, 2025
* master: feat: add Claude Code PR Review workflow for enhanced pull request an… (#1317) feat: enhance Auth0Provider with platform-specific initialization and error handling (#1313) feat(web): Simplify Setup, Add Session Check & Fix Missing Refresh Token (#1303) Fix clearSession operation order to prevent premature user state clearing (#1309) Release v5.0.0-beta.6 (#1306) fix: concurrent credential storage errors by preventing unnecessary state updates (#1302) chore(deps): bump actions/checkout from 4 to 5 (#1272) chore(deps): bump actions/download-artifact from 4 to 5 (#1294) chore(deps): bump codecov/codecov-action from 5.5.0 to 5.5.1 (#1296) fix(docs): added back the docs folder (#1291) Release v5.0.0-beta.5 (#1290) fix(docs): organize exports into namespaces for better typedocs (#1269) fix: add missing clearSession native options (#1289) fix(android): add pathPrefix to Android manifest for proper App Links functionality (#1288) feat: add organization parameter support to resetPassword API (#1286) feat(auth): add `saveCredentials` method to `useAuth0` hook (#1285) feat: unify and improve error handling across platforms (#1261) chore(deps): bump codecov/codecov-action from 5.4.3 to 5.5.0 (#1279)
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR fixes issue #1278 where frequent
CRYPTO_EXCEPTIONerrors were occurring on Android devices due to concurrent credential storage operations.Why
The issue was caused by multiple concurrent calls to
getCredentials()triggering unnecessary state updates and credential saves. When the same token was being stored multiple times concurrently, it led to crypto exceptions on Android devices.The root cause was in the
getCredentialsmethod using theloginFlowwrapper, which would always save the credentials again.How
deepEqualfunction to compare user objects and detect actual changesSET_USERaction type that only updates state when the user object has actually changed (using deep equality comparison)loginFlowwrapper to a direct implementation that:SET_USERinstead ofLOGIN_COMPLETETesting
getCredentialscalls no longer cause crypto exceptionsCloses #1278