search

superseriousbusiness / gotosocial

Fast, fun, small ActivityPub server.
https://docs.gotosocial.org
GNU Affero General Public License v3.0
3.71k stars 319 forks source link

[bug] oauth with OOB results in 404 on success #1518

Closed daenney closed 1 year ago

daenney commented 1 year ago

Describe the bug with a clear and concise description of what the bug is.

I'm filing this on the backend and not frontend since ti's probably a case of "both".

When logging in to GTS, if the out-of-band method/OOB is used and succeeds you're directed to a /oob?code=<HEX> page. This code is necessary to then pass on to the client, but unfortunately GTS renders a 404 instead of a nice HTML page with the code. You have to notice that it's in the URL and pick it from there which especially on mobile is easily missed.

What's your GoToSocial Version?

v0.7.0 git-f86152b

GoToSocial Arch

amd64 binary

What happened?

I tried to login using Whalebird.

What you expected to happen?

A nice HTML page gets displayed with the auth code for you to copy.

How to reproduce it?

Use any client that uses OOB to authenticate, like Whalebird or a CLI, and try to login.

Anything else we need to know?

No response

daenney commented 1 year ago

Weirdly enough, we have an oob.tmpl and a handler that's supposed to render this:

We have all the pieces, but they're not coming together as they should.

f0x52 commented 1 year ago

the oob template is served at /oauth/oob but the oob flow redirects to /oob, working on the PR