But the returned responseUrl is valid, because when I punched responseUrl into the chrome browser (i.e. made an additional GET request) it performs a redirect to the correct address https://redditenhancementsuite.com/oauth#access_token=... which contains the access_token desired.
Perhaps another sendMessage should be added if the redirect_uri parameter exists, or if the responseUrl domain isn't redditenhancementsuite.
EDIT: Found a root cause (there may be more, I'm unsure)
It appears (from my tests) that an additional redirect is done when login_hint contains an email from a GSuite domain (rather than @yahoo, @gmail, etc.). For these emails, the hd parameter must be added in to prevent a second redirect.
In other words: domain: `https://accounts.google.com/signin/oauth?login_hint=${googleLoginHint} needs to be more like domain: `https://accounts.google.com/signin/oauth?login_hint=${googleLoginHint}&hd=${GSuiteDomain}.
The other option would be to support an arbitrary number of redirects, but it looks like the only thing the redirect does for now is add as and hd parameters. The as parameter doesn't seem to be necessary, but hd seems to be required.
"No token found in response" when googleAccount (
googleLoginHint
) is specified.https://github.com/honestbleeps/Reddit-Enhancement-Suite/blob/5e2630b00a5837f9a59b8fbbefd8aa4acf136953/lib/environment/foreground/auth.js#L28-L41
I looked into the value of
responseUrl
whengoogleLoginHint
is specified, and it's of the form:which is missing the
access_token
parameter, rather than expectedBut the returned
responseUrl
is valid, because when I punchedresponseUrl
into the chrome browser (i.e. made an additional GET request) it performs a redirect to the correct addresshttps://redditenhancementsuite.com/oauth#access_token=...
which contains theaccess_token
desired.Perhaps anothersendMessage
should be added if theredirect_uri
parameter exists, or if theresponseUrl
domain isn'tredditenhancementsuite
.EDIT: Found a root cause (there may be more, I'm unsure)
It appears (from my tests) that an additional redirect is done when
login_hint
contains an email from a GSuite domain (rather than @yahoo, @gmail, etc.). For these emails, thehd
parameter must be added in to prevent a second redirect.In other words:
domain: `https://accounts.google.com/signin/oauth?login_hint=${googleLoginHint}
needs to be more likedomain: `https://accounts.google.com/signin/oauth?login_hint=${googleLoginHint}&hd=${GSuiteDomain}
.The other option would be to support an arbitrary number of redirects, but it looks like the only thing the redirect does for now is add
as
andhd
parameters. Theas
parameter doesn't seem to be necessary, buthd
seems to be required.Originally posted in https://github.com/honestbleeps/Reddit-Enhancement-Suite/issues/5212#issuecomment-751829160