Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authorization Flow Issues #46

Closed
summer-cook opened this issue Jan 29, 2024 · 4 comments · Fixed by #55
Closed

Authorization Flow Issues #46

summer-cook opened this issue Jan 29, 2024 · 4 comments · Fixed by #55
Assignees
@alishaevn
Labels
bug something isn't working

Comments

@summer-cook
Copy link
Contributor

summer-cook commented Jan 29, 2024
edited
Loading

story

occasionally, when logging in to the phenovista marketplace from their digital storefront, the user is redirected to the next auth sign in page instead of routing them directly to the marketplace. the behavior in the screenshot below is what happens when the provider's id isn't passed to the signIn method. we are passing it however, so debugging needs to be done to see why we aren't bypassing the nextauth sign in page.

Digital storefront user journey:
https://docs.google.com/document/d/1nNvUxzInahqMrVZWGCyVnskmJvMo4c1k5oqKwwSYvIY/edit

screenshots

Image

resources

notes

  • normally, this page could show multiple sign in methods (i.e. - sign in with google, facebook etc) but in our case, we should only have the option to sign in with the provider.
  • this page should never show - because we are passing the provider ID in our sign in method. we don't want to see it because we only have one sign in method.
  • this page should always be bypassed but sometimes it gets sent there - but its not a consistent issue.
  • https://github.com/scientist-softserv/webstore/blob/main/pages/_app.js#L47 - where we are passing the provider name.
@summer-cook summer-cook changed the title Authorization Flow Issues Updates to Authorization Flow Jan 29, 2024
@alishaevn alishaevn changed the title Updates to Authorization Flow Authorization Flow Issues Jan 30, 2024
@alishaevn alishaevn added the bug something isn't working label Jan 30, 2024
@summer-cook summer-cook added the needs discussion has open questions or need for discussion label Jan 30, 2024
@alishaevn alishaevn removed the needs discussion has open questions or need for discussion label Jan 31, 2024
@alishaevn
Copy link
Member

alishaevn commented Feb 1, 2024
edited
Loading

I was just able to duplicate this issue. I went to https://store.phenovista.com/, but when I pressed the "sign in" button, it redirected me to https://phenovista.softserv.cloud/api/auth/signin?error=OAuthCallback. this probably has something to do with the fact that the site is actually deployed to https://phenovista.softserv.cloud. their cname of https://store.phenovista.com/ point there, so the callback redirect is most likely the problem.

clicking "sign in with phenovista" did sign me in properly.

ref: slack thread around dns and cname.

@alishaevn alishaevn self-assigned this Feb 1, 2024
@alishaevn
Copy link
Member

I tested this again by signing into phenovista.scientist.com, and disallowing access to the DS in my settings. I then went back to https://store.phenovista.com/ and tried to sign in. it took me to the phenovista store front to grant access to the DS. I selected "allow" but didn't have it remember my decision, which redirected me to https://phenovista.softserv.cloud/api/auth/signin?error=OAuthCallback, the softserv dns. this time, pressing "sign in with phenovista" took me back to the phenovista storefront once more. after pressing "allow" again, it redirected me to phenovista.softserv.cloud and NOT store.phenovista.com.

this is definitely a redirect problem. will have to research to see how to get around it.

@alishaevn alishaevn transferred this issue from assaydepot/webstore Feb 1, 2024
alishaevn added a commit that referenced this issue Feb 1, 2024
@alishaevn
create the NEXT_PUBLIC_CLIENT_BASE_URL env variable
88d77c7 
this new variable will be necessary so that redirects happen properly
when the client is using their own domain, but pointing it to the
softserv.cloud instance.

- ref: #46
@alishaevn alishaevn linked a pull request Feb 1, 2024 that will close this issue
46 auth flow #48
Closed
@alishaevn
Copy link
Member

alishaevn commented Feb 2, 2024
edited
Loading

potential clues:

@alishaevn
Copy link
Member

crystal suggested in stand up that this issue might be able to be fixed from the devops side. started a thread for possible suggestions.

alishaevn added a commit that referenced this issue Feb 7, 2024
@alishaevn
fix the authorization flow
c661be7 
with this commit we will now be redirected back to store.phenovista.com
after signing in, instead of being redirected to phenovista.softserv.cloud.
I tested this change on production to confirm it works.

ref:
- #46
@alishaevn alishaevn mentioned this issue Feb 7, 2024
Merged
@alishaevn alishaevn linked a pull request Feb 7, 2024 that will close this issue
46-authorization-flow #55
Merged
@github-project-automation github-project-automation bot moved this to Done in webstore Feb 7, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@alishaevn alishaevn

Labels
bug something isn't working
Projects
None yet
Milestone
No milestone
2 participants
@alishaevn @summer-cook