There is unexpected back redirection to the "Welcome page" after a click on "SIGN UP/LOG IN with GOOGLE" button.

[vldkh]

There is unexpected back redirection to the "Welcome page" after a click on "SIGN UP/LOG IN with GOOGLE" button.

Preconditions:

1. the user has an account
2. the registration page is open

Steps to reproduce:

1. Click on the "AGREE & SIGN UP WITH GOOGLE" button
2. Choose an already registered account / create a new account
3. Observe the result
4. If successful, repeat steps 1-3 till the redirect to the "Welcome page".

Actual result:
There is unexpected back redirection to the "Welcome page" after a click on "SIGN UP/LOG IN with GOOGLE" button.

Expected result:
There is no unexpected back redirection to the "Welcome page" after a click on "SIGN UP/LOG IN with GOOGLE" button.

Environment:
PROD 1.29.1-15

Devices:
Windows 10 // Google Chrome v91

Attachments:
https://www.screencast.com/t/RT04yn60
https://www.screencast.com/t/LmqAEjnClk
https://www.screencast.com/t/gfTBCX2xpjA

Note:
Maybe when the user already exists connected to this problem. But I'm not sure...
I will update the information when I get more info also with Passwordless registration.
According to the "AGREE & SIGN UP WITH GOOGLE" method, for me it every second attempt is unsuccessful

[sirpy]

@vldkh the steps to reproduce are not clear enough.
as I recall you pressed the back button after the signup form is shown right?
also you say to choose and alredy existing account/create a new account, does that mean it happens with both "login" and "sign up"?

[sirpy]

@vldkh also the screencast is wrong, that's the facebook issue video...

[vldkh]

@sirpy
Steps to reproduce:

1. Click on the "AGREE & SIGN UP WITH GOOGLE" button >> The "Choose your account" page is open;
2. Choose the already existing account >> The "You already used this account when you signed up with google" popup is shown
3. Click on the "BACK (Google Chrome)" button >> The "Choose your account" page is open;
4. Choose the same account like it was before >> The "WELCOME PAGE IS OPEN".

Attachments:
SIGN UP - https://www.screencast.com/t/evKP7x1rtZv
LOGIN - https://www.screencast.com/t/HQOR3iUmY

Note:
It works the same way with "login" and "sign up". For me, it reproducing only when you use the "Back Chrome button".

[TomasGonzalez]

I traced back the issue, to the function handleLoginMethod in src/components/auth/torus/AuthTorus.js

Specifically this section

//don't expect response if in redirect mode, this will be called again with response from effect
      if (config.env !== 'test' && !torusSDK.popupMode && torusUserRedirectPromise == null) {
        //just trigger the oauth and return
        log.debug('trigger redirect flow')

        //keep the provider and if user is signin/signup for recall
        AsyncStorage.setItem('recallTorusRedirectStarted', true)
        AsyncStorage.setItem('recallTorusRedirectProvider', provider)
        authScreen && AsyncStorage.setItem('recallTorusRedirectScreen', authScreen)

        await getTorusUser(provider).catch(showSignupError)
        hideDialog() //we hide dialog because on safari pressing back doesnt reload page
        return
      }

The problem is that when the user press go back to the previous page, it gets redirected to the google login or whatever torusSDK.triggerLogin(provider) redirects to, but the flags recallTorusRedirectStarted and recalltorusRedirectProvider don't get set, and also we won't get a value on thetorusSDK.getRedirectResult() promise after choosing an account (I'm yet not sure of the reason of this last part but it must be related to the fact that when we press back we aren't sending
{ verifier: torusGoogle, clientId: googleClientId } and It probably gets lost).
The only solution that occurs to me at the moment would be to change the behavior of the torusSDK.triggerLogin(provider) from redirect to a popup so the user can't go back to the torusSDK.triggerLogin(provider) screen.

But as I read the code It seems apparent to me that the redirect behavior was chosen for a reason that I'm not aware of?

Could I get a confirmation? besides that, I don't think there is much we could do here...
@sirpy @johnsmith-gooddollar

[sirpy]

@TomasGonzalez the popup flow is not working on facebook browser for example and also many times the user have a popups blocker

The localstorage flags I use are to know that a user started the login flow, and when he comes back from redirect I should try to get the response from torus and I would also know which login method he used.

To fix it we need to make sure, that if torusSDK.getRedirectResult failed we clear the flags, and when the user presses any of the login buttons again it should behave the same way as if he reloaded the page from scratch

[sirpy]

@TomasGonzalez
you need to check the behaviour of handleLoginMethod

• when user comes back from redirect it is automatically called through useeffect and getTorusUserRedirect based on the flags, with an extra parameter a promise with torus response
• if user clicks on one of the buttons it is called but with promise set to null

So you need to check why it doesnt work as expected

[TomasGonzalez]

@sirpy the problem is not happening because getRedirectResult is failing, and the reason why handleLoginMethod won't get called is that in the case of this bug when the user goes back from the signing modal the flags won't get set, and I believe that there is no way to set them before the go back.

[TomasGonzalez]

I talked with @sirpy this is normal behavior so I'm closing this issue.

[TomasGonzalez]

torus replied to the chat with.
I investigated this and I don’t think the solution torus gave us is going to work for us… the clearLoginDetails does not seem to be In the SDK as they said, also even if the login sends the response, there is no flag set so the app won't be able to do anything with it…
Can’t find anything related to the clearLoginDetailsStorage in the torus docs also.

[sirpy]

https://github.com/torusresearch/torus-direct-web-sdk/search?q=clearLoginDetailsStorage

[johnsmith-gooddollar]

@TomasGonzalez here's the solution possible:
#3496

need to test it

[TomasGonzalez]

the issue persists.

[johnsmith-gooddollar]

@TomasGonzalez then close this PR and task

[sirpy]

there's nothing we can do about it