ChilliCream / graphql-platform

Welcome to the home of the Hot Chocolate GraphQL server for .NET, the Strawberry Shake GraphQL client for .NET and Banana Cake Pop the awesome Monaco based GraphQL IDE.
https://chillicream.com
MIT License
5.23k stars 745 forks source link

Banana Cake Pop OAuth2 broke with V2 #5471

Open JamieBerghmans opened 2 years ago

JamieBerghmans commented 2 years ago

Is there an existing issue for this?

Describe the bug

I use the downloaded version of Banana Cake Pop, and was able to use OAuth2 perfectly. But ever since updating to BCP 2.0.0, my OAuth flow logs me in, and then throws "Either the parameter query or the parameter id has to be set" Full error: {"errors":[{"message":"Either the parameter query or the parameter id has to be set.","extensions":{"code":"HC0013"}}]}

I tried downgrading back to BCP 1.0.0 but since today that has started throwing CORS errors so I assume something changed serverside?

The only issue I found related to this error is one where it's said that you should use the client and not the web browser for OAuth, but I am doing that.

Steps to reproduce

The OAuth2 provider I'm using is Azure AD. Authenticating with OAuth2 with "Implicit" grant type, and "Access token" as response.

Relevant log output

Error code show in popup window:

{"errors":[{"message":"Either the parameter query or the parameter id has to be set.","extensions":{"code":"HC0013"}}]}

Error shown in dev console:

DOMException: Blocked a frame with origin "banana-cake-pop://app" from accessing a cross-origin frame.
    at banana-cake-pop://app/static/js/243.082d6152.chunk.js:1:114770

Additional Context?

image

Product

Banana Cake Pop

Version

2.0.0

michaelstaib commented 2 years ago

Hey,

thanks for reporting. The team is working on this issue and we will have this fixed in the insider build soon. I will report back as soon as the fix is merged.

rstaib commented 2 years ago

@JamieBerghmans could you then please try BCP version 1.0.4`?

JamieBerghmans commented 2 years ago

Version 1.0.4 works as expected :)

rstaib commented 2 years ago

Version 1.0.4 works as expected :)

Perfect! At least you have a workaround for now 😉

JamieBerghmans commented 2 years ago

Yes! Thanks for the quick help! I'll patiently wait for the V2 fix now :)

jhpetersen commented 2 years ago

Run into the same issue after upgrading to BCP 2. This is the second time OAuth authorization is killed with an BCP update - would it be possible to add an e2e test for this? 😉

rstaib commented 2 years ago

@jhpetersen this is due to a change in Electron. By the way we're now heading towards another approach in V3. Then it should work again 👍🏽

rstaib commented 2 years ago

@jhpetersen and sorry for any inconvenience.

jhpetersen commented 2 years ago

No worries, it's an open source project and i really appreciate your hard work on this! 🏅 👍