next-pwa icon indicating copy to clipboard operation
next-pwa copied to clipboard
verified publisher icon shadowwalker

OAuth flow breaks on Safari (iOS and MacOS) in PWA

Open tboerc opened this issue 4 years ago • 2 comments

Summary

I have a project with next-pwa and next-auth. When I try to use Google Sign-In in Safari, next-auth will throw Invalid state returned from OAuth provider. Looks like a next-auth issue, but this was a problem with next-pwa that was fixed at version 5.2.11 as stated on #131. If I downgrade to 5.2.11, Google Sign-In works, but the /_offline fallback doesn't. And on the latest version, the fallback works and Google Sign-In doesn't. I'm creating this issue because would be great to have both working as expected.

Versions

  • next-pwa: 5.2.24
  • next: latest
  • next-auth: 3.27.3

How To Reproduce

  1. Create a Next app;
  2. Install next-pwa and next-auth;
  3. Setup Google Sign-In and try to login on a Safari browser.

Expected Behaviors

Google Sign-In should work on Safari with the latest version of next-pwa, not only with version 5.2.11.

tboerc avatar Aug 05 '21 13:08 tboerc

You are not hosting your next.js from root url path (/) right? Try copy the default runtimeCaching configuration and modify your auth path accordingly in the following part. Such as pathname.startsWith('/api/auth/') -> pathname.startsWith('/xxxxxx/api/auth/') https://github.com/shadowwalker/next-pwa/blob/3fcf99aa96388be90076bd6f9cede8e7bd52db3a/cache.js#L115-L145

shadowwalker avatar Aug 16 '21 04:08 shadowwalker

I'm on 5.5.4 and still facing this issue. I'm using Chrome/Brave.

As a work around, I did:

  1. disable PWA
  2. unregister service worker
  3. restart server
  4. reload app and login
  5. reenable service worker
  6. restart server

Now I'm able to use service workers with session.

Edit: you can just open dev tools > Application > and click unregister > login > reregister

khuezy avatar Jun 11 '22 23:06 khuezy

I'm experiencing this issue as well. I'm on 5.6.0 and using next-pwa with @supabase/auth-helpers-nextjs and @supabase/auth-helpers-react, and I'm only making calls to ${URL}/api/auth/user (my app does not have a base URL).

  • I can verify that the worker is not handling the auth RPC, but the request 200s with an empty response despite Supabase finding the user in the logs.
  • When I disable next-pwa using a line like disable: process.env.NODE_ENV === 'development' and yarn dev, the issue still occurs.
  • I have disabled next-pwa completely for testing by removing it from next.config.js, and the user response is populated as expected and my auth flow works OK.

I'm not super familiar with debugging service workers. @shadowwalker any tips for debugging here? I understand your fix in #131, it appears this is a different problem.

kaspnilsson avatar Sep 19 '22 23:09 kaspnilsson