Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Support for OAuth callback proxy #466

Open
wants to merge 1 commit into
base: rc
Choose a base branch
from
Open

feat: Support for OAuth callback proxy #466

wants to merge 1 commit into from

Conversation

Benjamin-Dobell
Copy link
Contributor

@Benjamin-Dobell Benjamin-Dobell commented Oct 3, 2022
edited
Loading

What kind of change does this PR introduce?

This addresses a major pain point for hosted Supabase consumers whereby Google et al. OAuth consent screens indicate you're logging into <gibberish>.supabase.co, rather than your app.

GoTrue/Supabase clients may now optionally supply a "proxy" param that is provided to external providers as the callback, rather than the GOTRUE_EXTERNAL_<PROVIDER>_REDIRECT_URI (which is not configurable unless you're self hosting).

The proxy end-point is something Supabase consumers implement and lives at their app's domain, and simply redirects back to GoTrue (or rather Kong). It'd make sense to implement this end-point in https://github.com/supabase/auth-helpers so any consumers of those libraries obtain this functionality for free.

SignInWithOAuthCredentials simply has a new optional proxy property which when specified is appended to the generated /authorize call to GoTrue.

What is the current behavior?

Addresses the auth component of supabase/supabase#12429

image

What is the new behavior?

image

Additional context

Corresponds with supabase/auth#725

@Benjamin-Dobell Benjamin-Dobell requested a review from a team as a code owner October 3, 2022 17:18
@Benjamin-Dobell Benjamin-Dobell mentioned this pull request Oct 3, 2022
Closed
@Benjamin-Dobell Benjamin-Dobell changed the base branch from master to rc October 3, 2022 17:18
@Benjamin-Dobell Benjamin-Dobell changed the title Feat/proxy callback feat: Support for OAuth callback proxy Oct 3, 2022
@Benjamin-Dobell Benjamin-Dobell mentioned this pull request Oct 4, 2022
Closed
hf
hf reviewed Oct 11, 2022
View reviewed changes
src/lib/types.ts
Comment on lines +350 to +351
/** A custom OAuth callback URL. The proxy must redirect (with query params retained) to the Authorize end-point */
proxy?: string,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As I voiced in the GoTrue PR, I believe there's a better name for proxy. Something along the lines of redirect_via or redirect_through probably conveys meaning better, but I'm open to any other name.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hf hf hf left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Benjamin-Dobell @hf