auth icon indicating copy to clipboard operation
auth copied to clipboard

Published 20 hours ago verified publisher icon supabase

Facebook Social Auth signInWithIdToken needs custom parser

Open kelvanb97 opened this issue 4 months ago • 12 comments

Bug Report

Describe the bug

Experiencing issues with supabase.auth.signInWithIdToken via the react-native-fbsdk-next lib, custom auth flow, and web based approach for authentication. All errors point in the same direction:

ERROR : {"name":"AuthApiError","message":"Bad ID token","status":400}

To Reproduce

Steps to reproduce the behavior:

  1. Implement supabase.auth.signInWithIdToken with react-native-fbsdk-next according to Supabase docs.
  2. Attempt to log in using Facebook credentials.
  3. In a separate scenario, follow the WebBrowser-based authentication approach.
  4. Observe the errors in both methods.

Expected behavior

Successful authentication without errors using both the native and web approaches for logging in with Facebook credentials.

Screenshots

N/A

System information

N/A

Additional context

The issue seems related to handling JWT structures and server-side errors during the authentication process. Investigations into Supabase's handling of generic ID tokens and discussions on platforms like Reddit suggest this might be an upstream error with Supabase. Looking at the function ParseIDToken found at auth/internal/api/provider/oidc.go it looks like the same pattern needs to be applied to Facebook Id tokens.

Suggested fix

Add a new function parseFacebookIdToken to ParseIDToken that is specifically designed for FB JWT tokens.

kelvanb97 avatar Apr 09 '24 17:04 kelvanb97