Shiny server function is called twice when browser is Firefox

[AB-Kent]

I'm using Auth0 from a Shiny app. When the app runs in Chrome, the server function is called once, after the user logs in, with session$userData populated with the auth0_credentials and auth0_info. This is good 😺

When the app runs in Firefox, the server function is called twice - once immediately, with no session$userData, and again after the user logs in, with session$userData populated. If a session$onSessionEnded callback has been registered, it is called after the first call to server.

This is bad for a couple of reasons:

• If session$onSessionEnded is used conventionally to register a call to stopApp, the application exits before the second call to server. This is catastrophic, the application does not launch. ☹️
• The first call to server will fail if the server function tries to access anything in session$userData. This is merely annoying since the function is called again.

Here is a minimal reprex (you must supply your own _auth0.yml and .Renviron files):

library(shiny)
library(purrr) # for `pluck`

ui <- fluidPage(
    titlePanel("Firefox test"),

    sidebarLayout(
        sidebarPanel(
            auth0::logoutButton()
        )
    )
)

server <- function(input, output, session) {

    cat('Entered `server` function\n')
    
    # Safe navigation to user name
    cat('User name is', 
        purrr::pluck(session, 'userData', 'auth0_info', 'name'), '\n')
    
    session$onSessionEnded(function() {
        cat('Session ended\n')
    })
}

options(shiny.port = 4200)
auth0::shinyAppAuth0(ui, server)

When I run this on Chrome, the output is

Entered `server` function
User name is kent johnson 

with no output appearing until after I log in.

When I run on Firefox, the output is

Entered `server` function
User name is 
Session ended
Entered `server` function
User name is kent johnson 

where the first three lines are output before I complete the login sequence.

What is causing the double call to server and how can I prevent it?

Thanks!

[jtrecenti]

Hi!

I was able to reproduce the issue! Mindblowing!

I don't know a workaround yet, maybe we should discover in Auth0 or Shiny documentation why that happens

[jtrecenti]

We were able to reproduce the issue without calling {auth0}.

What {auth0} does is modify the ui object so that it redirects the page to the login page if the url doesn't have a "code" parameter.

What we did was add the redirect directly in this minimal example, and the problem for chrome/firefox persists.

# shinyapp

library(shiny)

ui <- function(req) {
  cat("Entered `ui` function\n")
  redirect <- sprintf("location.replace(\"%s\");", "https://www.google.com")
  shiny::tags$script(redirect)
}

server <- function(input, output, session) {
  cat('Entered `server` function\n')
  session$onSessionEnded(function() {
    cat('Session ended\n')
  })
}

options(shiny.port = 8080)
shiny::shinyApp(ui, server)

Then, what we need is to replace this location.replace javascript for something that works properly on Firefox.

[AB-Kent]

Can someone give some insight into what calls the server function? What is responsible for delaying the call to server in the working case (Chrome)? Why doesn't that happen in Firefox?

[James-G-Hill]

I don't know how to fix this issue but for anyone else who needs a patch; I used the following to ensure the functionality continued:

session$onSessionEnded(
    \() if (!is.null(session$userData$auth0_info)) shiny::stopApp()
  )

Edit: actually I realised later that this is not enough; this will mean onSessionEnded won't work if you don't go through auth0; I therefore add another check to see whether auth0 is enabled in the options too.