c

    CG.VOLS

    2 months ago
    hey 😃. we are having an issue with the redirect uri returned for Apple on the web. the code that creates the redirect uri uses the API base path instead of the UI base path.
    r

    rp

    2 months ago
    hey @CG.VOLS
    c

    CG.VOLS

    2 months ago
    hey rp
    r

    rp

    2 months ago
    The redirect URI is supposed to use the apiBasePath as the callback is to the API server and not the frontend UI.
    The api server then redirects to the frontend UI
    c

    CG.VOLS

    2 months ago
    is this specific to apple?
    r

    rp

    2 months ago
    yes
    c

    CG.VOLS

    2 months ago
    thx yet again. you are awesome
    so, it started working through "Sign in with Apple" up until the final redirect. it is still trying to use the api based redirect uri. do we need to do anything to force it to use the ui redirect url? or, it should be the api-based url and we need to account for something in our middleware?
    r

    rp

    2 months ago
    Are you using our auth-react SDK or making custom UI?
    c

    CG.VOLS

    2 months ago
    custom ui
    r

    rp

    2 months ago
    Right. So are you appending a redirect_uri to the url returned when calling the /authorisationurl GET api?
    c

    CG.VOLS

    2 months ago
    so we need to add the ui redirect there ^^^ ?
    r

    rp

    2 months ago
    No. The result of this API call is a url
    Are you adding redirect_uri query param to that?
    c

    CG.VOLS

    2 months ago
    i may see what is going on. let me try something and see if it works as expected
    r

    rp

    2 months ago
    Right ok. So for apple, you should not add a redirect_uri to that URL, since the backend sends a URL with the redirect_uri already added to it (pointing to the api server)
    And when apple redirects back, it makes a POST request to the API server and the api server redirects that to a GET request to your website UI.
    And the flow continues as usual from there
    c

    CG.VOLS

    2 months ago
    how does the API server know what the UI URL shoudl be?
    we get a 403
    r

    rp

    2 months ago
    WebsiteDomaln config
    403 from where? Maybe you can upload your code on GitHub and I can have a look?
    c

    CG.VOLS

    2 months ago
    hey @rp ... sorry that i haven't followed up again. i backtracked some after reading your response above. "the backend sends a URL with the redirect_uri already added to it (pointing to the api server)". for how we handle routing with k8s, we do a slight tweak, but we send the url returned from the backend. Apple does make a POST request to our Golang service sitting between the frontend and ST Core. we get a 403 from our service layer because it can't find the rid in the header. not much to go on...
    com.supertokens {t: "2022-07-11T19:52:14Z", message: "middleware: Started", file: "/go/pkg/mod/github.com/supertokens/supertokens-golang@v0.6.6/supertokens/main.go:31" sdkVer: "0.6.6"} com.supertokens {t: "2022-07-11T19:52:14Z", message: "middleware: requestRID is: thirdpartyemailpassword", file: "/usr/local/go/src/net/http/server.go:2084" sdkVer: "0.6.6"} com.supertokens {t: "2022-07-11T19:52:14Z", message: "middleware: Checking recipe ID for match: thirdpartyemailpassword", file: "/usr/local/go/src/net/http/server.go:2084" sdkVer: "0.6.6"} com.supertokens {t: "2022-07-11T19:52:14Z", message: "middleware: Matched with recipe ID: thirdpartyemailpassword", file: "/usr/local/go/src/net/http/server.go:2084" sdkVer: "0.6.6"} com.supertokens {t: "2022-07-11T19:52:14Z", message: "middleware: Request being handled by recipe. ID is: /authorisationurl", file: "/usr/local/go/src/net/http/server.go:2084" sdkVer: "0.6.6"} com.supertokens {t: "2022-07-11T19:52:14Z", message: "Sending response to client with status code: 200", file: "/go/pkg/mod/github.com/supertokens/supertokens-golang@v0.6.6/recipe/thirdparty/api/authorisationUrl.go:46" sdkVer: "0.6.6"} com.supertokens {t: "2022-07-11T19:52:14Z", message: "middleware: Ended", file: "/usr/local/go/src/net/http/server.go:2084" sdkVer: "0.6.6"} [GIN] 2022/07/11 - 19:52:14 | 200 | 342.633µs | 10.108.0.5 | GET "/auth/v1/authorisationurl?thirdPartyId=apple" [GIN] 2022/07/11 - 19:52:37 | 403 | 14.141µs | 10.108.0.5 | POST "/auth/v1/callback/apple"
    well, earlier it said that it couldn't find a rid. now i don't see that in the logs