joelbutcher / socialstream

OAuth for Laravel, simplified.

Home Page: https://docs.socialstream.dev

[bug]

CamKem opened this issue

Describe the bug
When setting up GitHub following the documentation, I am getting a 404 error when socialite/socialstream is redirecting to GitHub.
When I dd the following function in OAuthController.php:

    public function redirectToProvider(string $provider, GeneratesProviderRedirect $generator)
    {
        session()->put('socialstream.previous_url', back()->getTargetUrl());
        dd($generator->generate($provider));
        return $generator->generate($provider);
    }

It gives me the following data

  #targetUrl: "https://github.com/login/oauth/authorize?client_id=7b22f1c18d49061d37af&redirect_uri=https%3A%2F%2Fsocial.test%2Foauth%2Fgithub%2Fcallback&scope=user%3Aemail&response_type=code&state=PNlgo4kXqKJR861cMWp3mXmTuRZA8D9Vl7yhK44g

This URL seems to be incorrect, as when I use jetstream & socialite by themselves and also die & dump the redirect targetUrl, I get the following

  #targetUrl: "https://github.com/login/oauth/authorize?client_id=7b22f1c18d49061d37af&redirect_uri=https%3A%2F%2Fevo.test%2Foauth%2Fgithub%2Fcallback&scope=user%3Aemail&response_type=code&state=uUneQaQB7kthyUOfA5Wao5RKUBMcgzoKsLQHdgs1

Note that the two redirect URLs are different: the query string in the second one has client_id. When I manually add client_id=7b22f1c18d49061d37af to the GitHub URI generated by socialstream, it works fine, which makes me think there is an issue with the redirect URI and possibly the headers being sent with socialstream. If I just set up basic routes and a "register with GitHub" button on a new install of jetstream with the socialite package, as mentioned, it works fine.

Could you please look into this and test out the GitHub redirect URI with socialite & socialstream to fix this issue? Or, if the issue is my config or setup, please help me fix it.

Here are the basic routes I set up for the fresh Laravel & socialite install to test it and compare, should you want to use them to test why the redirect to GitHub URL is not working with socialstream (no client_id, etc.):

    use App\Models\User;
    use Illuminate\Support\Facades\Auth;
    use Illuminate\Support\Facades\Route;
    use Laravel\Socialite\Facades\Socialite;

    Route::get('/oauth/github/redirect', function () {
        // Dump the redirect response to inspect its targetUrl; dd() halts here.
        $dd = Socialite::driver('github')->redirect();
        dd($dd);
        return Socialite::driver('github')->redirect();
    })->name('github.login');

    Route::get('/oauth/github/callback', function () {
        $githubUser = Socialite::driver('github')->user();

        // Create the local user on first login, or update it on later logins.
        $user = User::updateOrCreate([
            'github_id' => $githubUser->getId(),
        ], [
            'name' => $githubUser->getName(),
            'email' => $githubUser->getEmail(),
            'github_username' => $githubUser->getNickname(),
            'github_avatar' => $githubUser->getAvatar(),
            'github_token' => $githubUser->token,
            'github_refresh_token' => $githubUser->refreshToken,
        ]);

        Auth::login($user, true);

        return redirect()->route('dashboard');
    })->name('github.callback');

To Reproduce
Steps to reproduce the behavior:

  1. Install new Laravel
  2. Install the socialstream package & Inertia scaffold
  3. Set up vite config & .env
  4. Run migration
  5. Log in to the GitHub developer settings page and set up an OAuth app
  6. Set up config in services.php for GitHub (redirect URI must match the redirect URI in the GitHub developer OAuth app settings)
  7. npm install && npm run dev
  8. Open browser, go to /redirect
  9. This is where you will experience a 404 error; as the URL is incorrect (based on the auth0 docs), it returns the 404.
  10. dd() in the redirectToProvider() method to see what the URL is to troubleshoot.
  11. Try installing Laravel & the socialite package, also setting up .env & services.php in config. Run migration & npm run dev. Set up a second GitHub OAuth app for testing directly with socialite.
  12. Set up the routes for GitHub to test out the package (as above)
  13. Notice that there is no 404 error when using socialite directly.
  14. dd() the Socialite::driver('github')->redirect(); line in the route to compare the difference in the URIs between socialstream & socialite direct; you will notice that socialstream does not contain the client_id attribute in the URI query string.

Expected behavior
I expect that it should work as intended, and not get a 404 when redirecting to github to authenticate the user.

Screenshots
Check out the different generated target URLs when I die & dump the redirect to provider in both setups (socialstream & socialite direct)

Environment context

  • Socialstream version: 9.3
  • Jetstream stack: Inertia
  • Laravel version: 9
  • PHP version: 8.2

Please help me fix this, as I wish to use socialstream as my starter kit.
This is mainly because you have implemented all of the things like handling email verification & also password setting for a linked account; otherwise I would just use the socialite package.

OK, it turns out that the config was wrong.

It won't pick up the {provider} in the URI that is in the route.
If I change {provider} to github (hardcoded), it works now.

Not sure if this is something that is meant to work dynamically, or if it's supposed to be changed but just not covered in the socialstream docs.

@CamKem the routes are:

mydomain.test/oauth/{provider} > gets the redirect URL
mydomain.test/oauth/{provider}/callback > the entry point the OAuth provider returns you to.

In your screenshots above, you're calling a /oauth/{provider}/redirect route, which isn't defined as part of the routing in this package.

Using the default socialstream installation, I cannot replicate this issue with GitHub, Facebook, Google or Twitter OAuth providers.
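
Added example, not part of the thread or of socialstream's code: a standalone PHP check of a generated authorize URL against the callback registered with the provider, covering the literal `{provider}` placeholder case described above, plus a parameter diff for comparing two dumped `targetUrl` values. The function names, `EXAMPLE_CLIENT_ID`, the state value and the sample URLs are constructed for illustration.

```php
<?php
// Added example: all URLs, the client_id and the state are constructed sample values.
/** Decoded query parameters of a URL. */
function authorizeParams(string $url): array
{
    parse_str((string) parse_url($url, PHP_URL_QUERY), $params);
    return $params;
}

/** Problems found in an authorize URL, given the callback registered with the provider. */
function checkAuthorizeUrl(string $url, string $registeredCallback): array
{
    $p = authorizeParams($url);
    $problems = [];
    foreach (['client_id', 'redirect_uri', 'state'] as $required) {
        if (!is_string($p[$required] ?? null) || $p[$required] === '') {
            $problems[] = "missing {$required}";
        }
    }
    $redirect = is_string($p['redirect_uri'] ?? null) ? $p['redirect_uri'] : '';
    // A literal route placeholder such as {provider} is the case reported in the thread.
    if (preg_match('/\{[^}]+\}/', $redirect) === 1) {
        $problems[] = 'redirect_uri contains an unsubstituted route placeholder';
    }
    // Exact comparison: any difference from the registered callback is reported.
    if ($redirect !== '' && $redirect !== $registeredCallback) {
        $problems[] = "redirect_uri {$redirect} differs from the registered callback";
    }
    return $problems;
}

/** Parameters that differ between two authorize URLs; state is skipped because it is per-request. */
function diffAuthorizeUrls(string $a, string $b): array
{
    [$pa, $pb] = [authorizeParams($a), authorizeParams($b)];
    $diff = [];
    foreach (array_unique(array_merge(array_keys($pa), array_keys($pb))) as $key) {
        if ($key !== 'state' && ($pa[$key] ?? null) !== ($pb[$key] ?? null)) {
            $diff[$key] = [$pa[$key] ?? null, $pb[$key] ?? null];
        }
    }
    return $diff;
}

$registered = 'https://social.test/oauth/github/callback';
$base = 'https://github.com/login/oauth/authorize?client_id=EXAMPLE_CLIENT_ID&scope=user%3Aemail&response_type=code&state=CONSTRUCTED_STATE&redirect_uri=';
print_r(checkAuthorizeUrl($base . urlencode($registered), $registered));
print_r(checkAuthorizeUrl($base . urlencode('https://social.test/oauth/{provider}/callback'), $registered));
print_r(diffAuthorizeUrls($base . urlencode($registered), $base . urlencode('https://evo.test/oauth/github/callback')));
```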