Closed TheKnightCoder closed 5 months ago
fixed in pr #191
I found another bug it's related to what i spotted before if you use a router for example with cloudfront for a custom domain name abc.com
Cloudfront will forward the request to the lambda and put the origin instead of the custom domain name : xxxxxxx.lambda-url.eu-west-1.on.aws
Then the call will be on :
Then the OIDC adapter will extract the callback url https://xxxxxxx.lambda-url.eu-west-1.on.aws/google/callback and the the cookies will be set with the domain xxxxxxx.lambda-url.eu-west-1.on.aws, the browser won't accept the cookies since its does not come from the custom domain
and the retrieving of auth_state variable in the cookies will fail in the callback
I tested by hardcoding the callback url with my custom domain and it worked.
In SST2 we had this code, but it's not here anymore in Ion
const callback = "https://" + useDomainName() + "/callback";
I don't see any information for the custom domain name from hono request
Maybe we could pass the domain in the config object ? if it's present replace it in the url ?
@TheUncharted open a new issue maybe?
The OIDC adapter in the sdk has a bug
sdk/js/src/auth/adapter/oidc.ts
line 24 the/authorize
endpoint doesn't account for query parameters when defining the callback urlconst callback = c.req.url.replace(/authorize$/, "callback");
should be something along the lines of
const callback = c.req.url.split("?")[0].replace(/authorize$/, "callback");
to remove the query string paramers