diff --git a/CHANGELOG.md b/CHANGELOG.md
index 264354b92..edb973744 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [unreleased]
+## [0.16.6] - 2023-10-24
+
+- Fixed server error in `sign_in_up` API
+ - There was a bug in case where the API was called with just oAuth tokens without passing the `redirect_uri_info`.
+
 ## [0.16.5] - 2023-10-23
 - Relaxed constraint on `pyJWT` dependency.
diff --git a/setup.py b/setup.py
index 49b5e0563..ca2fdeb34 100644
--- a/setup.py
+++ b/setup.py
@@ -70,7 +70,7 @@ setup(
 name="supertokens_python",
- version="0.16.5",
+ version="0.16.6",
 author="SuperTokens",
 license="Apache 2.0",
 author_email="team@supertokens.com",
diff --git a/supertokens_python/constants.py b/supertokens_python/constants.py
index f6f8fddb3..e399b4d6e 100644
--- a/supertokens_python/constants.py
+++ b/supertokens_python/constants.py
@@ -14,7 +14,7 @@ from __future__ import annotations
 SUPPORTED_CDI_VERSIONS = ["3.0"]
-VERSION = "0.16.5"
+VERSION = "0.16.6"
 TELEMETRY = "/telemetry"
 USER_COUNT = "/users/count"
 USER_DELETE = "/user/remove"
diff --git a/supertokens_python/recipe/thirdparty/api/signinup.py b/supertokens_python/recipe/thirdparty/api/signinup.py
index 78b2cedff..60937ea49 100644
--- a/supertokens_python/recipe/thirdparty/api/signinup.py
+++ b/supertokens_python/recipe/thirdparty/api/signinup.py
@@ -42,16 +42,16 @@ async def handle_sign_in_up_api(
 if third_party_id is None or not isinstance(third_party_id, str):
 raise_bad_input_exception("Please provide the thirdPartyId in request body")
- redirect_uri_info = body.get("redirectURIInfo")
- oauth_tokens = body.get("oAuthTokens")
-
- if redirect_uri_info is not None:
- if redirect_uri_info.get("redirectURIOnProviderDashboard") is None:
+ oauth_tokens = None
+ redirect_uri_info = None
+ if body.get("redirectURIInfo") is not None:
+ if body.get("redirectURIInfo").get("redirectURIOnProviderDashboard") is None:
 raise_bad_input_exception(
 "Please provide the redirectURIOnProviderDashboard in request body"
 )
- elif oauth_tokens is not None:
- pass # Nothing to do here
+ redirect_uri_info = body.get("redirectURIInfo")
+ elif body.get("oAuthTokens") is not None:
+ oauth_tokens = body.get("oAuthTokens")
 else:
 raise_bad_input_exception(
 "Please provide one of redirectURIInfo or oAuthTokens in the request body"
@@ -71,15 +71,18 @@ async def handle_sign_in_up_api(
 provider = provider_response
- result = await api_implementation.sign_in_up_post(
- provider=provider,
- redirect_uri_info=RedirectUriInfo(
+ if redirect_uri_info is not None:
+ redirect_uri_info = RedirectUriInfo(
 redirect_uri_on_provider_dashboard=redirect_uri_info.get(
 "redirectURIOnProviderDashboard"
 ),
 redirect_uri_query_params=redirect_uri_info.get("redirectURIQueryParams"),
 pkce_code_verifier=redirect_uri_info.get("pkceCodeVerifier"),
- ),
+ )
+
+ result = await api_implementation.sign_in_up_post(
+ provider=provider,
+ redirect_uri_info=redirect_uri_info,
 oauth_tokens=oauth_tokens,
 tenant_id=tenant_id,
 api_options=api_options,
diff --git a/tests/thirdparty/test_thirdparty.py b/tests/thirdparty/test_thirdparty.py
index ee6c36255..93ee7e11a 100644
--- a/tests/thirdparty/test_thirdparty.py
+++ b/tests/thirdparty/test_thirdparty.py
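Review bot: `body.get("redirectURIInfo").get("redirectURIOnProviderDashboard")` still assumes the client sent a JSON object; a string, list or number in `redirectURIInfo` would raise `AttributeError` on that line and surface as another server error, which is the class of failure this commit sets out to remove. Read the field once into a local and make the inner check `if not isinstance(redirect_uri_info, dict) or redirect_uri_info.get("redirectURIOnProviderDashboard") is None:` so malformed input takes the bad-input path. The same gap applies to `oauth_tokens = body.get("oAuthTokens")`, which is forwarded without any shape check. When both fields are present the tokens are now dropped silently, so a short comment stating that `redirectURIInfo` takes precedence would help. Indentation is lost on this page, so the nesting is inferred, and the function body starts and ends outside the hunk.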
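Review bot: `sign_in_up_post` can now receive `redirect_uri_info=None`, and nothing at the call site documents that new contract; implementations and user overrides that dereference the argument are not visible here and presumably need a None check. A comment above the call such as `# Exactly one of redirect_uri_info / oauth_tokens is non-None at this point` would make the invariant explicit. The new `if redirect_uri_info is not None:` block also rebinds `redirect_uri_info` from the raw request dict to a `RedirectUriInfo` instance, so one name carries two types; building the object under its own name would keep the type checker and the reader on track. The function body starts and ends outside the hunk.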
@@ -268,3 +268,63 @@ async def test_signinup_works_when_validate_access_token_does_not_throw(
 assert res.status_code == 200
 assert access_token_validated is True
 assert res.json()["status"] == "OK"
+
+
+async def test_signinup_android_without_redirect_uri(
+ fastapi_client: TestClient, mocker: MockerFixture
+):
+ time = str(datetime.datetime.now())
+ mocker.patch(
+ "supertokens_python.recipe.thirdparty.providers.custom.get_supertokens_user_info_result_from_raw_user_info",
+ return_value=UserInfo(
+ "" + time,
+ UserInfoEmail(f"johndoeprovidertest+{time}@supertokens.com", True),
+ RawUserInfoFromProvider({}, {}),
+ ),
+ )
+ st_init_args = {
+ **st_init_common_args,
+ "recipe_list": [
+ session.init(),
+ thirdpartyemailpassword.init(
+ providers=[
+ ProviderInput(
+ config=ProviderConfig(
+ third_party_id="custom",
+ clients=[
+ ProviderClientConfig(
+ client_id="test",
+ client_secret="test-secret",
+ scope=["profile", "email"],
+ client_type="android",
+ ),
+ ],
+ authorization_endpoint="https://example.com/oauth/authorize",
+ authorization_endpoint_query_params={
+ "response_type": "token", # Changing an existing parameter
+ "response_mode": "form", # Adding a new parameter
+ "scope": None, # Removing a parameter
+ },
+ token_endpoint="https://example.com/oauth/token",
+ ),
+ )
+ ]
+ ),
+ ],
+ }
+ init(**st_init_args) # type: ignore
+ start_st()
+
+ res = fastapi_client.post(
+ "/auth/signinup",
+ json={
+ "thirdPartyId": "custom",
+ "clientType": "android",
+ "oAuthTokens": {
+ "access_token": "accesstoken",
+ "id_token": "idtoken",
+ },
+ },
+ )
+ assert res.status_code == 200
+ assert res.json()["status"] == "OK"
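Review bot: `test_signinup_android_without_redirect_uri` pins only the success path, so the input-validation branches the same commit rewrites in `handle_sign_in_up_api` stay untested. Companion cases should assert a bad-input response rather than a server error for a body with neither `redirectURIInfo` nor `oAuthTokens`, for a `redirectURIInfo` that lacks `redirectURIOnProviderDashboard`, and for a `redirectURIInfo` that is not an object. Because `get_supertokens_user_info_result_from_raw_user_info` is patched, the test also never exercises any validation of the client-supplied tokens, and a docstring saying so would stop readers assuming it does. The local `time` would shadow the standard `time` module if this file imports it (not visible here); a name such as `now_str` avoids that.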