[SDK 49, V2] - Hashes in URL are stripped automatically. Breaks oAuth callbacks

[sannajammeh]

Which package manager are you using? (Yarn is recommended)

pnpm (known issues due to Metro)

Summary

Supabase Auth and Azure AD B2C both uses callback hashes in the url like so:

origin/path#token=x&refresh_token=y. V1 of Expo router would keep these intact so that client libraries could strip it from the pathname and serialize them into query parameters that can be used to authenticate.

In my app Supabase magic link login is now broken as the hashes are stripped from the pathname. I suspect this also breaks webview oAuth logins that redirect back to the app.

Confirmed this by opening with uri-scheme open "exp://127.0.0.1:8081/--/(auth)/callback/magiclink#test=true" --ios.

Callback is a catch all route with [...callback].tsx inside. pathname.

The affected expo-router api's are below:

• useGlobalSearchParams -> {"callback": "magiclink"}
• useLocalSearchParams -> {"callback": ["magiclink"]}
• usePathname -> /callback/magiclink

This however, works flawlessly:

Linking.addEventListener("url", (e) => console.log(e.url)) // exp://127.0.0.1:8081/--/(auth)/callback/magiclink#test=true

On V1 all 3 provide the parameters with the hash.

Minimal reproducible example

Url: https://github.com/sannajammeh/expo-v2-fail

Steps:

1. Run pnpm install or yarn
2. Run expo start --ios
3. Run npx uri-scheme open "exp://127.0.0.1:8081/--/(auth)/callback/magiclink#test=true" --ios
4. Observe the following logs:

 LOG  From Event Linking exp://127.0.0.1:8081/--/(auth)/callback/magiclink#test=true
 LOG  {"global": {"result": "magiclink"}, "local": {"result": ["magiclink"]}}