Skip to content

Commit

Permalink
fix: Forward OAuth error to the client (#541)
Browse files Browse the repository at this point in the history 
### **User description**
Previously, if the OAuth sign-in failed due to signup being disabled,
the error was not being forwarded back to the client, contrary to what
happens for all other errors. This PR fixes that.

## How to reproduce
1. Set `AUTH_DISABLE_SIGNUP=true` 
2. Attempt to sign-in via OAuth with a user that does not exist in the
database, specifying a `redirectTo` URL.

## Expected
The user should be redirected to `redirectTo`, with the `error` as
search param.

## What happens
No redirect happens, and the end user will see the error
`{"status":403,"message":"Sign up is
disabled.","error":"signup-disabled"}`

## The issue
In `/oauth/index.ts`, `sendError()` is called without the `redirectTo`
and `forwardRedirection` arguments, so the `signup-disabled` error is
not forwarded to the app.

## The fix
Specify the `redirectTo` and `forwardRedirection` when calling
`sendError()` (as it is done for all other errors).


___

### **PR Type**
Bug fix


___

### **Description**
- Fixed an issue where the OAuth `signup-disabled` error was not being
forwarded to the client with the appropriate redirection parameters.
- Added `redirectTo` and `forwardRedirection` arguments to the
`sendError` function call for the `signup-disabled` error in
`src/routes/oauth/index.ts`.



___



### **Changes walkthrough** 📝
<table><thead><tr><th></th><th align="left">Relevant
files</th></tr></thead><tbody><tr><td><strong>Bug
fix</strong></td><td><table>
<tr>
  <td>
    <details>
<summary><strong>index.ts</strong><dd><code>Forward OAuth
signup-disabled error with redirection parameters</code></dd></summary>
<hr>

src/routes/oauth/index.ts

<li>Added <code>redirectTo</code> and <code>forwardRedirection</code>
parameters to the <code>sendError</code> <br>function call for the
<code>signup-disabled</code> error.<br>


</details>


  </td>
<td><a
href="https://github.com/nhost/hasura-auth/pull/541/files#diff-377b11b1cf0052db32d2d519ffb6ac36c496acf967f7c99c8a18acb45fc13b28">+1/-1</a>&nbsp;
&nbsp; &nbsp; </td>

</tr>                    
</table></td></tr></tr></tbody></table>

___

> 💡 **PR-Agent usage**:
>Comment `/help` on the PR to get a list of all available PR-Agent tools
and their descriptions

Co-authored-by: David Barroso <[email protected]>
  • Loading branch information
@fmanzali @dbarrosop
fmanzali and dbarrosop authored Aug 7, 2024
1 parent 4993f9e commit 189ea75
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/routes/oauth/index.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -328,7 +328,7 @@ export const oauthProviders = Router()
// * No user found with this email. Create a new user

if (ENV.AUTH_DISABLE_SIGNUP) {
return sendError(res, 'signup-disabled');
return sendError(res, 'signup-disabled', { redirectTo }, true);
}

const userInput = await transformOauthProfile(profile, options);
Expand Down

0 comments on commit 189ea75

Please sign in to comment.