Open rnnyrk opened 1 week ago
I know figured out the correct redirect url for Google. It's the auth.authenticator.url
, but as mentioned before linking this to my Next app results in a TypeError: Cannot use 'in' operator to search for 'getSSTLink' in https://xxx.lambda-url.eu-central-1.on.aws/
, so I have to use the hardcoded value for now.
In my next app/admin/page.tsx
I assert if there is an token, if not, redirect to the admin page
const token = cookiesList.get('token') ?? '';
const state = crypto.randomUUID();
const queryParams = qs.stringify({
response_type: 'code',
redirect_uri: `${AUTH_URL}google/callback`,
client_id: CLIENT_ID,
state,
scope: 'openid profile email',
});
const googleUrl = `${AUTH_URL}google/authorize?${queryParams}`;
if (!token && !searchParams.token) {
redirect(googleUrl);
}
This seems to work. In my auth.ts
I get correct tokenset and a valid login, but my AuthAuthenticator is breaking on a state mismatch..
It now redirects me to https://XXX.lambda-url.eu-central-1.on.aws/google/callback?code=eyJhbGciOiJSUzUxMiJ9....&state=3996f295-d2b7-4dfa-897b-02650ea93fc8
Not providing a state (although optional in https://developers.google.com/identity/openid-connect/openid-connect#response-type) results in a RPError: state missing from the response
I'd try to look more into https://guide.sst.dev/examples/how-to-add-google-login-to-your-sst-apps.html But since some things differ and I keep running into errors, it's super hard to figure out how this is supposed to work
Hi there,
I'm trying to setup SST Auth in Ion with Google login. I took this example (https://github.com/sst/ion/tree/dev/examples/aws-auth) as an base for my setup and tried to go from there.
Unfortunately I'm running into some issue. I've tried to mimic my code as good as possible in this Stackblitz (https://stackblitz.com/edit/sst-auth-google-login-example).
I took the following steps:
sst.config.ts
to handlesecrets.GoogleClientId
andsecrets.GoogleClientSecret
const auth = sst.aws.Auth
insst.config.ts
pointing tosrc/utils/auth.handler
const authCallbackLambda = sst.aws.Function
insst.config.ts
pointing tosrc/lambdas/authCallback.handler
. This is the callback function for the Google login (also tried this with a Next api route atsrc/app/api/auth/callback/route.ts
)const auth = sst.aws.Auth
to my Next App (this results in the first error. As soon as I linkauth.authenticator.url
to my Next application, runningsst dev
shows the error:The lambda appending
/google/authorize
isconst auth = sst.aws.Auth
and theredirect_uri
is theconst authCallbackLambda = sst.aws.Function
I've been trying a bunch of different
redirect_uri
's but nothing is working:Whatever I do or try I keep getting a Google error with
I've setup Google login so many times I know I'd set everything up correctly on the config side.
What am I missing or is not working properly? How to configure the callback lamda?