FusionAuth / fusionauth-issues

FusionAuth issue submission project
https://fusionauth.io

authenticationType:PASSWORD in JWT after authenticating w/FB #1760

Open gnarlium opened 2 years ago

gnarlium commented 2 years ago

Description

This concerns behavior observed when authenticating using FA hosted web forms; testing is done in private/incognito browsers.

In Chrome, when authenticating using Facebook, the resultant JWT has an incorrect value, PASSWORD, for the authenticationType claim.

But, when attempting to reproduce in Firefox, the emitted JWT contains the correct claim value, FACEBOOK.

Note: Another dev was not able to reproduce the issue in Chrome v97.0.4692.71.

Affects versions

FusionAuth v1.36.5 - no testing yet w/other versions

Steps to reproduce

Steps to reproduce the behavior:

  1. Go to https://account-dev.radio.com/oauth2/authorize?client_id=9e3d95bc-5241-4e9c-8ed9-7a98e66414a6&response_type=code&redirect_uri=https%3A%2F%2Fapi.dev.audacy.com%2Fidentity
  2. Sign in using Facebook
  3. Decode the emitted JWT
  4. Observe incorrect value for authenticationType claim

Expected behavior

When authenticating using Facebook, FusionAuth should emit a JWT with the claim "authenticationType": "FACEBOOK".

Screenshots

2 .har files are attached in the comment below, one for each browser.

Screen recording showing behavior in Chrome / FF: https://drive.google.com/file/d/1k3v5a_de79auuAKAQRcPiB0VVXDDNdQG/view?usp=sharing

Platform

gnarlium commented 2 years ago

.har files, as mentioned above: har-har.zip

jobannon commented 1 year ago

Can confirm this behavior is persistent regardless of Chrome or Firefox based on recent tests. Reviewing how we arrive in this state.
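
Steps 3 and 4 of the reproduction in the issue, as an added example that is not part of the thread or of FusionAuth's code: it decodes a JWT payload and compares the `authenticationType` claim with the identity provider used at login. The function names are hypothetical, the sample tokens are constructed, and the signature is not verified because this is for inspection only.

```python
import base64
import json


def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_claims(token: str) -> dict:
    """Return the payload claims of a compact JWT. No signature check."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected 3 dot-separated segments)")
    try:
        claims = json.loads(b64url_decode(parts[1]))
    except ValueError as exc:  # covers bad base64, bad UTF-8 and bad JSON
        raise ValueError(f"payload is not base64url-encoded JSON: {exc}") from exc
    if not isinstance(claims, dict):
        raise ValueError("payload is not a JSON object")
    return claims


def check_authentication_type(token: str, expected: str) -> tuple:
    """Return (ok, message) for the authenticationType claim in the token."""
    actual = decode_claims(token).get("authenticationType")
    if actual is None:
        return False, "authenticationType claim is missing"
    if actual != expected:
        return False, f"authenticationType is {actual!r}, expected {expected!r}"
    return True, f"authenticationType is {actual!r}"


def make_sample_token(claims: dict) -> str:
    # Constructed token for the demo; the third segment is a dummy signature.
    def enc(obj) -> str:
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "HS256", "typ": "JWT"}), enc(claims), "c2ln"])


if __name__ == "__main__":
    # Constructed samples: the reported value and the expected value.
    for value in ("PASSWORD", "FACEBOOK"):
        token = make_sample_token({"sub": "constructed", "authenticationType": value})
        print(check_authentication_type(token, "FACEBOOK"))
```
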