appy-one / acebase-server

A fast, low memory, transactional, index & query enabled NoSQL database server for node.js that easily syncs with browser and node.js clients and servers
MIT License

Can't login with Google if you have a PNG profile picture #21

Closed eugirdor closed 2 years ago

eugirdor commented 2 years ago

I think the issue is in this bit of code:

https://github.com/appy-one/acebase-server/blob/9d9e22d9d0cd94a8d273c1f12fd1eb50285c8ca7/src/routes/oauth2-signin.ts#L52-L72

It returns early and never executes the rest of the method, so the redirect to the callbackUrl never happens.

I think it should probably use an else instead of the return:

```typescript
if (user_details.picture && user_details.picture.length > 0) {
    // Download it, convert to base64
    const best = user_details.picture.sort((a,b) => a.width * a.height > b.width * b.height ? -1 : 1)[0]
    try {
        const response = await fetch(best.url);
        const contentType = response.headers.get('Content-Type');
        if (contentType === 'image/png') { //state.provider === 'google' &&
            // Don't accept image/png, because it's probably a placeholder image. Google does this by creating a png with people's initials
            user_details.picture = [];
        }
        else {
            const image = await response.arrayBuffer();
            let buff = Buffer.from(image);
            best.url = `data:${contentType};base64,${buff.toString('base64')}`;
            user_details.picture = [best]; // Only keep the best one
        }
    }
    catch(err) {
        env.debug.warn(`Could not fetch profile picture from "${best.url}": `, err);
        user_details.picture = null;
    }
}
```

appy-one commented 2 years ago

Good catch! This code used to be Promise/then/catch based before I refactored to async/await, so the return statement is probably a remnant of that... If you'd want to send a PR, please do! Otherwise, I'll adjust it in the code myself.
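
The control-flow bug discussed in this thread, as an added example that is not acebase-server code: simplified "before" and "after" handlers run against a constructed fetch stub, showing that only the `else` version reaches the redirect when the picture is a PNG. The names `signInBefore`, `signInAfter`, `run`, `fakeFetch`, `toDataUrl` and the `example.invalid` URL are assumptions made for the illustration.

```javascript
// Constructed stand-in for fetch(): a response with the given Content-Type.
const fakeFetch = (type) => async () => ({
  headers: new Map([['Content-Type', type]]),
  arrayBuffer: async () => Uint8Array.from([1, 2, 3]).buffer,
});
const toDataUrl = async (res, type) =>
  `data:${type};base64,${Buffer.from(await res.arrayBuffer()).toString('base64')}`;
// "Before": the PNG branch returns from the whole handler, as the issue describes.
async function signInBefore(details, fetchFn, redirect) {
  const best = details.picture[0];
  try {
    const res = await fetchFn(best.url);
    const type = res.headers.get('Content-Type');
    if (type === 'image/png') {
      details.picture = [];
      return; // leftover from the promise chain: skips the redirect below
    }
    best.url = await toDataUrl(res, type);
    details.picture = [best];
  } catch (err) {
    details.picture = null;
  }
  redirect(); // stands in for the redirect to callbackUrl
}

// "After": else instead of return, so every branch falls through to the redirect.
async function signInAfter(details, fetchFn, redirect) {
  const best = details.picture[0];
  try {
    const res = await fetchFn(best.url);
    const type = res.headers.get('Content-Type');
    if (type === 'image/png') {
      details.picture = [];
    } else {
      best.url = await toDataUrl(res, type);
      details.picture = [best];
    }
  } catch (err) {
    details.picture = null;
  }
  redirect();
}
// Runs one handler on a constructed profile (placeholder URL) and reports the outcome.
async function run(handler, type) {
  const details = { picture: [{ url: 'https://example.invalid/p', width: 96, height: 96 }] };
  let redirected = false;
  await handler(details, fakeFetch(type), () => { redirected = true; });
  return { redirected, picture: details.picture };
}
```

A check of this shape, asserting that the redirect fires for every Content-Type branch, is the kind of regression test that catches a stray `return` after a promise-to-async refactor.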