OAuth2 callback being invoked 2 times due to captcha
Hello Team, I'm integrating Auth0 (an OAuth2 provider) with Hubspot via the OAuth2 route. However, a captcha verification in the middle of the authorization workflow is invoking the callback back to Auth0 2 times with different codes. The first callback stays pending until I have clicked on the captcha, after which the callback gets canceled and a new callback gets initialized.
Since Auth0 (or any OAuth2 provider) embeds a state parameter to ensure security, the final callback is getting rejected. Any idea/suggestions on:
A. Why is the first callback request staying in the pending state? B. How to avoid the second callback altogether?
2. Next up, I choose my account and log in. However, as you can see, the first callback request has already started.
3. Then the Captcha comes up, while the earlier callback request is ongoing
4. Finally, when I complete the captcha, the second callback request is sent and the earlier callback has been canceled. However, since the state parameter in both the callback is the same with different authorization codes generated by Hubspot, the OAuth2 server also rejects the second callback.