OAuth - State parameter not working
C4T4 opened this issue · comments
Catalin Waack commented
I'm trying to pass a test string in the state parameter via google login. the state parameter and the value get passed to google and redirected to supabase but supabase throw an error at this point:
https://xxxx.supabase.co/auth/v1/callback?state=test&code=xxxA&scope=email+profile+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+openid&authuser=0&prompt=none
{"code":400,"error_code":"bad_oauth_state","msg":"OAuth callback with invalid state"}
// I use supabase from @supabase/ssr
import { Auth } from '@supabase/auth-ui-react';
<Auth
view={props.view || 'sign_in'}
supabaseClient={supabase}
providers={['google']}
queryParams={{
state: 'test'
}}
redirectTo={`${getURL()}/auth/callback`}
magicLink={true} />
Google Login/Prompt URL
https://accounts.google.com/o/oauth2/v2/auth/oauthchooseaccount?client_id=xxxx.apps.googleusercontent.com&redirect_uri=https://xxxx.supabase.co/auth/v1/callback&response_type=code&scope=email profile&state=test&service=lso&o2v=2&theme=mn&ddm=0&flowName=GeneralOAuthFlow