10000 🐛 Bug Report: OAuth Login invalid success · Issue #6322 · appwrite/appwrite · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

🐛 Bug Report: OAuth Login invalid success #6322

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
2 tasks done
gaurav-chandra opened this issue Sep 25, 2023 · 10 comments
Closed
2 tasks done

🐛 Bug Report: OAuth Login invalid success #6322

gaurav-chandra opened this issue Sep 25, 2023 · 10 comments
Assignees
@stnguyen90 @Meldiron
Labels
bug Something isn't working product / auth Fixes and upgrades for the Appwrite Auth / Users / Teams services.

Comments

@gaurav-chandra
Copy link

👟 Reproduction steps

  1. self-host v1.4.3
  2. add a web platform
  3. under hostname field, either put * or *.domain.com
  4. under auth enable google and add all api keys for google
  5. add a login with google button and call sdk.createOAuth2Session('google', success_url, error_url)
  6. for success_url = https://testing.domain.com
  7. upload the code to testing subdomain
  8. try the flow with google login

👍 Expected behavior

it should login and have success as the hostname is either * or *.domain.com

👎 Actual Behavior

appwrite shows an error:
image

🎲 Appwrite version

Version 1.4.x

💻 Operating system

Linux

🧱 Your Environment

ubuntu v20 and appwrite v1.4.3

👀 Have you spent some time to check if this issue has been raised before?

  • I checked and didn't find similar issue

🏢 Have you read the Code of Conduct?
@gaurav-chandra gaurav-chandra added the bug Something isn't working label Sep 25, 2023
@gaurav-chandra
Copy link
Author

I should add that if I hardcode the testing.domain.com in hostname field, it works but I cannot use a wildcard sub domain.

@btme0011
Copy link
Contributor

I think this issue is common with all the OAuth services.

@gaurav-chandra
Copy link
Author

No, the issue was not there in v1.3.7 and v1.3.8. I could use wildcard sub domain. It has started happening when I upgraded to v1.4.1

@stnguyen90 stnguyen90 changed the title 🐛 Bug Report: Google OAuth Login invalid success 🐛 Bug Report: OAuth Login invalid success Sep 26, 2023
@stnguyen90 stnguyen90 self-assigned this Sep 26, 2023
@stnguyen90 stnguyen90 added the product / auth Fixes and upgrades for the Appwrite Auth / Users / Teams services. label Sep 26, 2023
@stnguyen90
Copy link
Contributor

@gaurav-chandra, thanks for raising this issue! 🙏🏼

No, the issue was not there in v1.3.7 and v1.3.8. I could use wildcard sub domain. It has started happening when I upgraded to v1.4.1

Are you sure you didn't have an additional web platform before?

I'm looking at the validation between 1.3.8 and 1.4.3 and they seem to be the same.

I also tried testing on 1.3.8, but got the same error:

image

That said, I'll bring this up to the team.

@gaurav-chandra
Copy link
Author

hey @stnguyen90 thanks for taking this up. Now that you mention it, I am wrong about v1.3.8. I realised that I was testing on localhost and it always works on localhost.

@github-actions github-actions bot mentioned this issue Oct 1, 2023
Closed
@stnguyen90
Copy link
Contributor

I'm still in discussion with the team about this, but the crux of the problem is the validation that's done on the success URL expects an exact match. However, the validation for CORS, allows wildcards.

@stnguyen90 stnguyen90 mentioned this issue Dec 11, 2023
Closed
2 tasks
This was referenced Jan 4, 2024
Closed
Merged
@stnguyen90 stnguyen90 assigned Meldiron and unassigned stnguyen90 Mar 11, 2024
@stnguyen90 stnguyen90 mentioned this issue Mar 11, 2024
Merged
2 tasks
@stnguyen90 stnguyen90 self-assigned this Mar 11, 2024
@stnguyen90 stnguyen90 moved this from Todo to In Review in 1.5 release Mar 11, 2024
@stnguyen90 stnguyen90 moved this from In Review to Done in 1.5 release Mar 11, 2024
@PtradeLLC
Copy link

Great that this was discussed and closed. However, noone seem to talk about how it was solved so that others don't have the same issue.

@Marius555
Copy link

i dont understand how tis issue is closed, did anybody find solution to this???? i have the same problem: Invalid success param: URL host must be one of: localhost, cloud.appwrite.io, appwrite.io, *, how to solve it, i put * on hostname on web, but that didnt do anything...

@jiayouchongmingniao
Copy link

same error, self-host v1.6

@mahitechnologies259
Copy link
mahitechnologies259 commented Jan 8, 2025
edited
Loading

Solution:
Add that website or domain to the project of the appwrite for which this error appears when added to success parameter:
error comes host must be one of: _, _, _;

If the above solution doesn't work then try this custom solution, remove success parameter.
If Social Login is successful, awaited 1 second, and launch deep link url myself for the page.

Code for my flutter app, if it helps anyone:

    await _account.createOAuth2Session(
      provider: OAuthProvider.google,
    );
    await Future.delayed(const Duration(seconds: 1));
    final Uri url =
        Uri.parse(deep_link_custom_url_for_the_app);
    await launchUrl(url)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@stnguyen90 stnguyen90

@Meldiron Meldiron

Labels
bug Something isn't working product / auth Fixes and upgrades for the Appwrite Auth / Users / Teams services.
Projects
1.5 release
Status: Done
Milestone
No milestone
Development

No branches or pull requests
8 participants
@stnguyen90 @gaurav-chandra @Meldiron @Marius555 @jiayouchongmingniao @mahitechnologies259 @btme0011 @PtradeLLC
0