auth0-react-samples: Sample 01-Login invalid state after login refresh Firefox

Hi,

When I run the sample code and refresh the page after a login on Firefox (DE 69.0.0 Mac OS X 10.14.0) I always get an Error: Invalid state:

Only when I open a new tab or do a route change, page refreshes work fine. This happens when running locally on localhost, but also in an app deployed to a custom domain, that basically shares the same implementation using @auth0/auth0-spa-js version 1.0.2. This doesn’t happen in Chrome or Safari.

I made sure I’m not blocking any cookies nor any critical requests. And I don’t see anything weird in the Auth0 dashboard logs:

• Success Exchange
• Success Silent Auth

I tried to get a better understanding why this might be happening by digging through the code of @auth0/auth0-spa-js, where I see a token is requested silently when initializing the lib with createAuth0Client. This runs on page refresh, but my understanding is that prompt: 'none' shouldn’t be triggering a redirect flow with a new code, which appears to be happening. Could it be that the request fails to run in the iframe the first time after login for some reason in Firefox only?

If you can reproduce the error, I’m happy to help investigating if needed.