Skip to content
This repository was archived by the owner on Sep 8, 2025. It is now read-only.

Conversation

@fonsiheruz
Copy link
Contributor

@fonsiheruz fonsiheruz commented Jan 30, 2025

What kind of change does this PR introduce?

Bug fix - Corrects the handling of redirect_to parameter in SSO authentication.
Closes #670

What is the current behavior?

In the GoTrue client's sign_in_with_sso method, the redirect_to parameter is being passed as a separate parameter to the _request method instead of being included in the request body. This can cause issues with SSO redirects not working as expected.

Current implementation:

return self._request(
    "POST",
    "sso",
    body={
        "domain": domain,
        "skip_http_redirect": skip_http_redirect,
        "gotrue_meta_security": {
            "captcha_token": "",
        },
    },
    redirect_to=redirect_to,  # Incorrectly placed here
    xform=parse_sso_response,
)

Relates to issue: #670

What is the current behavior?

The redirect_to parameter is now correctly included in the request body:

return self._request(
    "POST",
    "sso",
    body={
        "domain": domain,
        "skip_http_redirect": skip_http_redirect,
        "gotrue_meta_security": {
            "captcha_token": "",
        },
        "redirect_to": redirect_to,  # Correctly placed in body
    },
    xform=parse_sso_response,
)

This change ensures that SSO redirects are handled properly according to the GoTrue API specifications.

Additional context

  • This fix affects both domain-based and provider-based SSO authentication flows
  • The change aligns the Python implementation with the expected API behavior
  • No breaking changes are introduced

@silentworks silentworks changed the title fix(!670): move redirect_to into metadata for SSO authentication fix: move redirect_to into metadata for SSO authentication Jan 30, 2025
Copy link
Contributor

@silentworks silentworks left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch, thanks for this.

@coveralls
Copy link

Pull Request Test Coverage Report for Build 13058115854

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 60.3%

Totals Coverage Status
Change from base Build 13057869805: 0.0%
Covered Lines: 1367
Relevant Lines: 2267

💛 - Coveralls

@silentworks silentworks merged commit 6226426 into supabase:main Jan 30, 2025
9 checks passed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

GoTrue-py: redirect_to parameter incorrectly passed in SSO authentication

4 participants