Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bug: cannot login with the extension #228

Closed
1 of 2 tasks
takanome-dev opened this issue Jul 27, 2023 · 8 comments · Fixed by #230
Closed
1 of 2 tasks

Bug: cannot login with the extension #228

takanome-dev opened this issue Jul 27, 2023 · 8 comments · Fixed by #230

Comments

@takanome-dev
Copy link

Describe the bug

extension-auth-bug.mp4

Steps to reproduce

  1. Logout from the Insights or Hot platform
  2. Use the extension to login back in

Browsers

Other (add additional context)

Additional context (Is this in dev or production?)

Browser: Brave

Code of Conduct

  • I agree to follow this project's Code of Conduct

Contributing Docs

  • I agree to follow this project's Contribution Docs
@takanome-dev takanome-dev added 🐛 bug Something isn't working 👀 needs triage labels Jul 27, 2023
@Anush008
Copy link
Member

Anush008 commented Jul 27, 2023

From the video, I believe you are not logged into beta.insights.opensauced.pizza. You'll have to click the "Connect with GitHub` button on the top right.

@takanome-dev
Copy link
Author

Yeah, that's right. But I remember that clicking the login button in the extension automatically logs you and redirects you to insights.opensauced.pizza (if I'm not mistaken 🤔)

@diivi
Copy link
Contributor

diivi commented Jul 27, 2023

It used to, yes. But since the last month I've had to click the Connect to Github button separately.

@takanome-dev
Copy link
Author

Is it the credentials(env) or because it redirects to beta.insights?

@diivi
Copy link
Contributor

diivi commented Jul 28, 2023

How are you using the extension? If it's in dev, npm run dev, it should redirect to beta.insights only.

@Anush008
Copy link
Member

Anush008 commented Jul 28, 2023

I tried digging into this.

The reason we'll have to click the "Connect with GitHub" button to log into the extension from now on is because the @supabase/auth-helpers lib used at insights.opensauced.pizza was updated last month.
open-sauced/app#1301 which introduced PKCE to the auth flow.

Prior to this we would redirect users to

export const SUPABASE_LOGIN_URL = `https://${import.meta.env.VITE_OPEN_SAUCED_SUPABASE_ID}.supabase.co/auth/v1/authorize?provider=github&redirect_to=https://${OPEN_SAUCED_INSIGHTS_DOMAIN}/`;

Which would log the users in with the following params
Screenshot 2023-07-28 at 7 03 22 PM

Now with PKCE in place, a code-challenge, verifier value has to be generated and stored at insights.opensauced.pizza while making the login request. That's what happens when we click on the "Connect to GitHub" button. Handled by the @supabase/auth-helpers lib implictly.
Screenshot 2023-07-28 at 6 33 03 PM

As of now, there's no way to disable PKCE at insights.opensauced.pizza because the @supase/auth-helpers lib has it hardcoded as the auth flow type.
https://github.com/supabase/auth-helpers/blob/9715901658e0925136b9c8c015b6d5c22a7ce6a7/packages/shared/src/createClient.ts#L30

@Anush008 Anush008 mentioned this issue Jul 28, 2023
19 tasks
@github-actions
Copy link

🎉 This issue has been resolved in version 1.12.0-beta.5 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

@github-actions
Copy link

🎉 This issue has been resolved in version 1.12.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants