8000 🐛 Bug Report: GitHub OAuth2 Not Working SvelteKit · Issue #5858 · appwrite/appwrite · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

🐛 Bug Report: GitHub OAuth2 Not Working SvelteKit #5858

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
2 tasks done
bitlogist opened this issue Jul 21, 2023 · 6 comments
Closed
2 tasks done

🐛 Bug Report: GitHub OAuth2 Not Working SvelteKit #5858

bitlogist opened this issue Jul 21, 2023 · 6 comments
Assignees
@stnguyen90
Labels
bug Something isn't working product / auth Fixes and upgrades for the Appwrite Auth / Users / Teams services.

Comments

@bitlogist
Copy link

👟 Reproduction steps

import { ID, Permission, Role } from 'appwrite'
import type { Models } from 'appwrite'
import { get, writable } from 'svelte/store'
import { sdk, server } from '$lib/appwrite/appwrite'

export type State = {
  account: Models.User<Models.Preferences> | null
}

const createState = () => {
  const { subscribe, set, update } = writable<State>({
    account: null,
  })

  return {
    // ...
    oAuth: async (provider: string, redirectURL: string) => {
      sdk.account.createOAuth2Session(provider, redirectURL) // have no idea how to get user information

      const urlParams = new URLSearchParams(window.location.search)
      const code = urlParams.get('code')

      console.log(code) // nothing
    }
  }
}

export const state = createState()
// ...
<IconButton on:click={() => state.oAuth('github', `https://${data.hostname}`)}></IconButton>
// ...

👍 Expected behavior

I should be able to access the user's GitHub details. The createOAuth2Session function does not return anything.

👎 Actual Behavior

OAuth and redirection was successful but no code parameter was passed onto my application.

🎲 Appwrite version

Appwrite Cloud

💻 Operating system

Linux

🧱 Your Environment

  • TypeScript
  • SvelteKit
  • Web SDK
  • Gitpod
  • Vercel

👀 Have you spent some time to check if this issue has been raised before?

  • I checked and didn't find similar issue

🏢 Have you read the Code of Conduct?
@bitlogist bitlogist added the bug Something isn't working label Jul 21, 2023
@stnguyen90 stnguyen90 added the product / auth Fixes and upgrades for the Appwrite Auth / Users / Teams services. label Jul 21, 2023
@stnguyen90 stnguyen90 self-assigned this Jul 21, 2023
@stnguyen90
Copy link
Contributor
stnguyen90 commented Jul 21, 2023
edited
Loading

@bitlogist, thanks for raising this issue! 🙏🏼

OAuth and redirection was successful but no code parameter was passed onto my application.

This is expected. On the web, the flow is:

[ Your App ]  -> [ Appwrite ] -> [ OAuth2 Provider ] -> [ Appwrite ] -> [ Your App ]

The OAuth2 code is sent to Appwrite and Appwrite exchanges it for the access token to authenticate the user and create an Appwrite session. When the user is redirected from Appwrite to your app, a cookie is set for the session. At that point, if your app is able to make use of the cookie, it will be able to make the related API calls to Appwrite.

To ensure your app can use the cookie, you'll need to either

  1. enable 3rd party cookies (can be done in your browser settings)
  2. have your appwrite endpoint be a subdomain of your app (e.g. appwrite.example.com and example.com). For more information, refer to https://appwrite.io/docs/custom-domains.

Another thing to point out is the sdk.account.createOAuth2Session(provider, redirectURL) redirects the user to Appwrite, so the rest of your code:

      const urlParams = new URLSearchParams(window.location.search)
      const code = urlParams.get('code')

      console.log(code) // nothing

never executes. When the user is redirected back to redirectURL, your app starts from scratch.

I should be able to access the user's GitHub details

After the user is redirected back, if everything is successful, there should be a cookie set and API calls to Appwrite should work. So, you can use the Get Session API to get the current session which will have a providerAccessToken that can be used to make API calls to the provider and fetch whatever is allowed.

I hope that clarifies things.

@Haimantika
Copy link
Contributor

Hi @bitlogist 👋 following up on this, did you have a chance to look at @stnguyen90's comment ☝️

@intfract
Copy link
intfract commented Jul 27, 2023
edited
Loading

Is it not possible to use OAuth without 3rd party cookies?
What's the cookie's name anyway?

@github-actions github-actions bot mentioned this issue Aug 1, 2023
Closed
@stnguyen90
Copy link
Contributor

@intfract,

Is it not possible to use OAuth without 3rd party cookies?

Yes, make it a 1st party cookie with the 2nd option i suggested.

What's the cookie's name anyway?

See https://appwrite.io/docs/rest#client-auth.

@intfract
Copy link
intfract commented Aug 6, 2023

I'm not sure if I can make it a subdomain because my SvelteKit app is deployed on vercel. Thanks anyway, though.

@stnguyen90
Copy link
Contributor

@bitlogist, do you need anything else or can this be closed?

@stnguyen90 stnguyen90 closed this as not planned Won't fix, can't repro, duplicate, stale Oct 11, 2023
@github-actions github-actions bot mentioned this issue Nov 1, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@stnguyen90 stnguyen90

Labels
bug Something isn't working product / auth Fixes and upgrades for the Appwrite Auth / Users / Teams services.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@stnguyen90 @Haimantika @intfract @bitlogist
0