-
-
Notifications
You must be signed in to change notification settings - Fork 232
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Github App Installations #584
Comments
Take 2
What is the expected format of the state? |
I'm having the same exact issue as well, but despite turning on the email address access, I'm still receiving the same issue. |
I am also getting the same issue. Your video showed the flow where users login through the app. |
@gabriel-pineda You will need to provide me with steps for that please and it would be good to provide an app that works with the flow you are mentioning so I can understand it better. |
@saddam-azad outlined it perfectly above, but i can supply you with a video: supabase-auth-bug.movthis flow started from clicking on "Install App" from the Github App page. whereas in your video, you installed the App on your website. Installing the app via the website works fine, the problem lies on installing the app from Github App page (and possibly even in github app marketplace) Edit: might also be related to this:https://github.com/orgs/supabase/discussions/397#discussioncomment-396221 |
@gabriel-pineda I was asking for an app that actually works with this flow, not one that doesn't work (in the case of your supabase app). I need to see the flow working to understand better what is supposed to happen, so please link to any other GitHub App that you know of that works as expected. |
@silentworks, appears there is some confusion regarding what is happening. Allow me to break this down: 1. Supabase Github OAuth Flow:
i.e. User clicks on Login (using Supabase client-side handler) Supabase works as expected. Edit: The OAuth Flow works seamlessly with a Github App too, as you have shown in your video. 2. Github App Installation Flow:
i.e. User goes to This flow only takes place when a) You try to install a Github App from Marketplace, or b) The Client sends User to this URL on purpose. User creates a new Github redirects the User to Supabase Redirect URL such as: The installation flow sends As you can see, the |
@saddam-azad I don't think you read my message correctly. What I am asking for is an example app (not Supabase app) that has this flow working so I can see what is expected to happen. Describing to me what's happening without me being able to test it makes it kinda hard for me to work out what's causing the issue as this might be more of a GoTrue issue than the auth-helpers itself. |
@silentworks Try out nuxt.studio. Create an account and import a project from Github. There is a working Github App Installation Flow. |
Thanks for the link @saddam-azad, I'm going to re-open this issue until I test nuxt.studio and see how the flow work to further finding a fix for the issue. |
@saddam-azad have you figured out this? I'm also facing the same problem |
Describe the bug
We are using a Github App (as opposed to Github OAuth App) as the Client ID in Supabase Auth. Supabase handles normal user authentication as expected: The App is installed on the User account successfully.
However, if we attempt to add new installations of the App on more User/Org accounts, Supabase is unable to handle App installations.
To Reproduce
Here is the workflow:
The user clicks on a button that should take them to the following URL:
https://github.com/apps/<APP>/installations/new
The user selects an account or organization and proceeds to install the GitHub App.
After the installation is completed, GitHub redirects the user to the Redirect URL:
https://<PROJECT>.supabase.co/auth/v1/callback?code=<CODE>&installation_id=<ID>&setup_action=install
Error:
400 "OAuth state parameter missing"
Expected behavior
Supabase should redirect the user back to the app with a refreshed token.
System information
The text was updated successfully, but these errors were encountered: