Skip to content

Update SupaSocialsAuth to pass scopes and query params to signInWithOAuth #71

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jan 23, 2024
Merged

Update SupaSocialsAuth to pass scopes and query params to signInWithOAuth #71

merged 2 commits into from
Jan 23, 2024

Conversation

dannypurcell
Copy link
Contributor

@dannypurcell dannypurcell commented Jan 16, 2024
edited
Loading

What kind of change does this PR introduce?

Bug fix/Enhancement to SupaSocialsAuth.

What is the current behavior?

Without the scopes and ability to include prompt=consent in the provider OpenID /authorize request, users are never given the opportunity to grant permissions to an app beyond just the ability to sign in.

What is the new behavior?

It is now possible to add scopes and query parameters to SocialsAuth.

SocialsAuth(
  socialProviders: [
    SocialProviders.azure,
  ],
  colored: true,
  redirectUrl: authService.redirectUrl,
  onSuccess: (Session response) {},
  onError: (error) {},
  scopes: '.default',
  queryParams: (promptConsent) ? {'prompt': 'consent'} : {},
)

This example triggers a consent prompt for all permissions the Azure app registration has requested.
https://learn.microsoft.com/en-us/entra/identity-platform/scopes-oidc#the-default-scope

Additional context

This is a requirement for apps using Azure Active Directory and the Microsoft Graph API unless we want to make an Azure AD admin manually grant permissions through the Azure console any time they change.

dshukertjr
dshukertjr reviewed Jan 16, 2024
View reviewed changes
Copy link
Member

@dshukertjr dshukertjr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this! Yes, it would be great if we could support scopes and queryParams for social auth!

Would you be able to update it so that we can pass different scopes and queryParams for each provider?

Maybe we could make scopes type Map<OAuthProvider, String>?, make queryParams type Map<OAuthProvider, Map<String, String>>? so that users can specify different parameters for different OAuth provider?

@dannypurcell
Copy link
Contributor Author

dannypurcell commented Jan 18, 2024
edited
Loading

That makes sense, I'll try it out here in a couple of days and update.

@dshukertjr dshukertjr mentioned this pull request Jan 19, 2024
Merged
dshukertjr
dshukertjr approved these changes Jan 23, 2024
View reviewed changes
Copy link
Member

@dshukertjr dshukertjr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I just updated the PR from my end. Thanks for the amazing contribution!

@dshukertjr dshukertjr merged commit 616d77b into supabase-community:main Jan 23, 2024
@dannypurcell dannypurcell deleted the patch-1 branch January 28, 2024 00:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dshukertjr dshukertjr dshukertjr approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dannypurcell @dshukertjr