search

supabase / supabase-swift

A Swift client for Supabase
https://supabase.com/docs/reference/swift
MIT License
701 stars 103 forks source link

Sign In With Apple: 500: Database error saving new user #267

Closed marcusraty closed 7 months ago

marcusraty commented 7 months ago

Bug report

Describe the bug

I am following the guide here: https://supabase.com/docs/guides/auth/social-login/auth-apple?platform=swift

The code that my app is running:

            supabaseClient = SupabaseClient(supabaseURL: URL(string: "https://REMOVED.supabase.co")!, supabaseKey: supabaseAnonKey, options: SupabaseClientOptions(auth: .init(flowType: .implicit)))

SignInWithAppleButton { request in
                            request.requestedScopes = [.email, .fullName]
                        } onCompletion: { result in
                            Task {
                                do {
                                    guard let credential = try result.get().credential as? ASAuthorizationAppleIDCredential
                                    else {
                                        return
                                    }
                                    print("creds", credential)
                                    guard let idToken = credential.identityToken
                                        .flatMap({ String(data: $0, encoding: .utf8) })
                                    else {
                                        return
                                    }
                                    print("idToken", idToken)

                                    try await authService.supabaseClient.auth.signInWithIdToken(
                                        credentials: .init(
                                            provider: .apple,
                                            idToken: idToken
                                        )
                                    )
                                } catch {
                                    print("sign in error \(error.localizedDescription)")
                                    dump(error)
                                }
                            }
                        }

While testing this I realised I made a mistake and initially had a user with the same email address I was using. I used the following SQL to update the auth table to keep testing Sign In with Apple:

update auth.users
set email = 'fake@fake'
where id = 'valid-uid';

I confirmed the email address of the user in my auth table has changed, but I still get the internal server 500 error above.

Note that the sign in with apple modal requests facial ID and then transitions to a tick - showing that everything is working?

Note I am using flowtype .implicit - not sure if this is supported for sign in with Apple?

My code gives the following error:

sign in error Internal Server Error
▿ Auth.AuthError.api
  ▿ api: Auth.AuthError.APIError
    - msg: nil
    - code: nil
    ▿ error: Optional("server_error")
      - some: "server_error"
    ▿ errorDescription: Optional("Internal Server Error")
      - some: "Internal Server Error"
    - weakPassword: nil

Expected behavior

Should be able to sign in / create a new user with Apple OR if there is some error it would be helpful if it was more detailed please.

System information

iOS supabase main c06aa18

Additional context

Let me know if you need any extra info

marcusraty commented 7 months ago

Oh dear... something very strange is going on.

Here is what I have done now - I hope to get some feedback on what is going on with this.

1) Follow the instructions in here to remove the Sign In with Apple from the Apple account for my app: https://forums.developer.apple.com/forums/thread/121496 (Then go to "sign in and security" > "sign in with apple". A popup appears showing apps and website where apple sign-in is used. Clic on the app of your choice and then on "stop using sign in with apple) 2) Check supabase auth table still shows fake@fake for my user account. NOTE: I used my apple ID email to make the user account in the first place. 3) Try to sign in again (this time, not using the private relay, so it would see my real email address, the one I originally made my account with). 4) it signs me into the EXISTING fake@fake account, using the real email address even though the email address in the auth table is fake@fake > I assumed it should make a NEW account with my REAL email address?

To make things more confusing. 1) Sign out of my account in the app 2) try to sign in using my real email address (not in the auth table it is still fake@fake). 3) I get invalid credentials > this makes sense 4) try to sign in now with fake@fake as the email address > this works and I get signed into the user account

Is this what should happen?

Objy-marcus commented 7 months ago

I just realised what is happening here and it is 100% my own issue.

I have a trigger set up on auth.users to accept some meta data (username, etc), and this is missing but trying to be called when I signInWithIdToken.

I will leave this open just for someone from the supabase team to see this, in particular because of the behaviour around sign in with apple signing me into an existing account even with the email address was changed in the auth table.

grdsdev commented 7 months ago

Hi @marcusraty,

I'll take a deeper look at this, but I don't think changing the email on auth.users table would be enough for what you were trying to accomplish.

Happy to know that you were able to make it work.

But I'l check if there's anything on our side.

Thanks!

Objy-marcus commented 7 months ago

Thanks appreciate that @grdsdev - is there anywhere that goes into detail around the way supabase auth is structured so I don't make a mistake assuming I can do something like this again? Thanks