Within the last day, Google Social Auth in our web...
# generalc
cg.vols
06/29/2022, 6:25 PMWithin the last day, Google Social Auth in our web app tries to log us in to supertokens.io instead of our app. We are providing the Google Clied Id and Secret associated with our app. We did switch from using an IP to our dev domain name in the last several days if that makes a difference. Why is it trying to log into supertokens.io?
r
rp_st
06/29/2022, 6:27 PMHey! That’s really weird. Did you change a version of the backend SDK?
c
cg.vols
06/29/2022, 6:30 PMjust checked. it hasn't changed. github.com/supertokens/supertokens-golang v0.6.6
cg.vols
06/29/2022, 6:33 PM:authority: supertokens.io
:method: GET
:path: /dev/oauth/redirect-to-provider?access_type=offline&include_granted_scopes=true&response_type=code&client_id=1060725074195-kmeum4crr01uirfl2op9kd5acmi9jutn.apps.googleusercontent.com&actual_redirect_uri=https%3A%2F%2Faccounts.google.com%2Fo%2Foauth2%2Fv2%2Fauth&scope=profile+email&redirect_uri=%2Fauth%2Fcallback%2Fgoogle
:scheme: https
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cache-control: no-cache
pragma: no-cache
referer: https:///
cg.vols
06/29/2022, 7:35 PMthis seems like it would be related from the golang sdk code
cg.vols
06/29/2022, 7:35 PMif providerInfo.GetRedirectURI != nil && !isUsingDevelopmentClientId(providerInfo.GetClientId(userContext)) {
// the backend wants to set the redirectURI - so we set that here.
// we add the not development keys because the oauth provider will
// redirect to supertokens.io's URL which will redirect the app
// to the the user's website, which will handle the callback as usual.
// If we add this, then instead, the supertokens' site will redirect
// the user to this API layer, which is not needed.
rU, err := providerInfo.GetRedirectURI(userContext)
if err != nil {
return tpmodels.AuthorisationUrlGETResponse{}, err
}
params["redirect_uri"] = rU
}
cg.vols
06/29/2022, 7:38 PMif using the dev client id:
cg.vols
06/29/2022, 7:38 PMif isUsingDevelopmentClientId(providerInfo.GetClientId(userContext)) {
params["actual_redirect_uri"] = providerInfo.AuthorisationRedirect.URL
cg.vols
06/29/2022, 8:10 PMtried a different google client id and secret. no wget this:
cg.vols
06/29/2022, 8:10 PMIf you’re the app developer, make sure that these request details comply with Google policies.
redirect_uri: /auth/callback/google
cg.vols
06/29/2022, 8:13 PMin Google Api Console... i have a callback url like: https://dev.xxxxxx.us/auth/callback/google
r
rp_st
06/29/2022, 8:37 PMHey! So are you using a custom UI on the frontend?
rp_st
06/29/2022, 8:38 PMCause the redirect_uri query param is not correctly set in that request
rp_st
06/29/2022, 8:38 PMIt needs to be the full domain and path and not just /auth/callback/google
c
cg.vols
06/29/2022, 9:04 PMagh ok. we are. where do i set that?
r
rp_st
06/29/2022, 9:04 PMWhen you get back the URL on the frontend, you can edit that query param before redirecting the user to it.
rp_st
06/29/2022, 9:05 PMHave a look at this: https://supertokens.com/blog/adding-social-login-to-your-website-with-supertokens
c
cg.vols
06/29/2022, 9:06 PMty! will do.
5 Views