Help with 400 returned from provider (Google) #57

Open
dacarlin opened this issue Sep 4, 2024 · 2 comments
Labels: bug, question

dacarlin commented Sep 4, 2024

I'm just learning about how to build web apps with OAuth2, so I apologize if this is a super dumb question. I tried searching online first, but didn't find anything relevant.

I'm getting started with rocket_oauth2 and I tried running the user_info example. I set up an OAuth 2 client via Google Cloud. The login flow seems to work fine, I can visit 127.0.0.1/login/google and log in via the Google OAuth flow, and then when the redirect back to 127.0.0.1 happens, I see a 400.

The console output is

```
GET /login/google text/html:
   >> Matched: (google_login) GET /login/google
   >> Outcome: Success(303 See Other)
   >> Response succeeded.
GET /auth/google?state=SQ69o49VEEFeVU5ERhrwtA&code=4%2F0AQlEd8z35XvUYTah2pf1IJ2YLFKMAPq4QmDG5Edr0WEfhZjiomKKnWgWq43bV1HvXWOGcg&scope=profile+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile text/html:
   >> Matched: (google_callback) GET /auth/google
Error: The OAuth2 state cookie was missing. It may have been blocked by the client?
   >> Request guard `TokenResponse < GoogleUserInfo >` failed: Error { kind: ExchangeFailure, source: Some("The OAuth2 state returned from the server did match the stored state.") }.
   >> Outcome: Error(400 Bad Request)
   >> No 400 catcher registered. Using Rocket default.
   >> Response succeeded.
```

I'm using the user_info example unchanged with the following Cargo.toml

```toml
[package]
name = "backend"
version = "0.1.0"
edition = "2021"

[dependencies]
anyhow = "1.0.86"
argon2 = "0.5.3"
diesel = "2.2.3"
dotenvy = "0.15.7"
reqwest = { version = "0.12.0", default-features = false, features = ["json", "rustls-tls"] }
rocket = "=0.5.1"
rocket_oauth2 = "0.5.0"
serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0.127"

[dependencies.rocket_dyn_templates]
version = "0.2.0"
features = ["tera"]

[dependencies.rocket_sync_db_pools]
version = "0.1.0"
features = ["diesel_sqlite_pool"]
```

Thanks for any help you're able to provide!

jebrosen (Owner) commented Sep 4, 2024

This might be the same issue described in #55 (comment) and hopefully some of that information is helpful. I've seen issues before with localhost and/or HTTP vs HTTPS, with all providers I've tried. Usually it will work after a few retries, but I don't think I've found a "real" solution unfortunately.

jebrosen added the bug and question labels Sep 4, 2024
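
A host mismatch between the page that started the login and the callback URL is one way a browser ends up sending no state cookie, since a cookie set by `127.0.0.1` is not sent to `localhost`. The following Rust model of that check is an added example, not code from rocket_oauth2 or from either commenter. The type and function names, port 8000 and the host-only cookie model are assumptions, and the thread does not establish that this caused the 400 above.

```rust
// Added illustration, not rocket_oauth2 source. All names are hypothetical.
#[derive(Debug, PartialEq)]
enum StateError { MissingCookie, MissingParam, Mismatch }

/// A host-only cookie as the browser stores it after GET /login/google.
struct StateCookie<'a> { host: &'a str, value: &'a str }

/// Host of an absolute http(s) URL, without the port (hostnames and IPv4 only).
fn url_host(url: &str) -> Option<&str> {
    let rest = url.split_once("://")?.1;
    let authority = rest.split(|c: char| c == '/' || c == '?').next()?;
    Some(authority.rsplit_once(':').map_or(authority, |(h, _)| h))
}

/// Raw (not percent-decoded) value of one query parameter.
fn query_param<'a>(url: &'a str, key: &str) -> Option<&'a str> {
    let query = url.split_once('?')?.1;
    query.split('&')
        .filter_map(|kv| kv.split_once('='))
        .find(|(k, _)| *k == key)
        .map(|(_, v)| v)
}

/// Comparison whose timing does not depend on where the inputs differ.
fn ct_eq(a: &[u8], b: &[u8]) -> bool {
    a.len() == b.len() && a.iter().zip(b).fold(0u8, |acc, (x, y)| acc | (x ^ y)) == 0
}

/// Model of the callback: which cookie the browser sends, then the state check.
fn check_callback(jar: &[StateCookie], callback_url: &str) -> Result<(), StateError> {
    let host = url_host(callback_url).unwrap_or("");
    // Browser rule: a host-only cookie goes back only to the exact host that set it.
    let cookie = jar.iter()
        .find(|c| c.host.eq_ignore_ascii_case(host))
        .ok_or(StateError::MissingCookie)?;
    let state = query_param(callback_url, "state").ok_or(StateError::MissingParam)?;
    if ct_eq(cookie.value.as_bytes(), state.as_bytes()) { Ok(()) } else { Err(StateError::Mismatch) }
}

fn main() {
    // Constructed input: state value and path from the log above, port assumed.
    let jar = [StateCookie { host: "127.0.0.1", value: "SQ69o49VEEFeVU5ERhrwtA" }];
    for url in &["http://127.0.0.1:8000/auth/google?state=SQ69o49VEEFeVU5ERhrwtA&code=x",
                 "http://localhost:8000/auth/google?state=SQ69o49VEEFeVU5ERhrwtA&code=x"] {
        println!("{} -> {:?}", url, check_callback(&jar, url));
    }
}
```
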
dacarlin (Author) commented Sep 4, 2024

Thanks so much! Don't know how I missed #55 in my searches, but I will certainly try this out. Will report back here for others in case they hit the same issue.

Btw thanks for your work on rocket_oauth2! 🚀
