ctron / yew-oauth2

General purpose OAuth2 component for Yew
Apache License 2.0
45 stars 17 forks source link

Redirect confusion when multiple configs are in use #43

Open chrysn opened 2 days ago

chrysn commented 2 days ago

In a setup with parallel possible logins, once in a while (my guess: if the hashmap backing them happens to sort them in the wrong way), attempting to log in in one of two configured OAuth2 providers results in an error message at the other one (with "Server returned error response", which is not surprising given they got somehow mixed up).

The setup involves a field in the model

oauth_configs: std::collections::HashMap<std::rc::Rc<str>, yew_oauth2::openid::Config>,

and a loop in the view:

{ for self.oauth_configs.iter().map(|(key, config)| {
    html! { <li key={key.clone()}>
        <OAuth2 config={config.clone()}>
            <LoginView uri={key.clone()} on_access_token_available={ link.callback(Message::AsTokenAvailable) } />
        </OAuth2>
    </li> }
})}

For the moment I work around this by enabling them only on demand; I plan on digging down to this later. (Right now the usefulness of having multiple providers is limited; [edit] once https://github.com/ctron/yew-oauth2/issues/42 is added, this should be different.)

ctron commented 2 days ago

I am not sure I fully understand this. the OAuth2 component injects the context holding the state. That's accessible by all children of this component.

chrysn commented 2 days ago

AIU this is not about the context injected, but about how the data that comes in through the yew-nested-router feature is sent to one or the other OAuth instance. (The only relevant children I have in there are the usual Authenticated / NotAuthenticated / Failure children).