Error when using oauth with provider linkedin_oidc - Error getting user profile from external provider #1533
Labels
bug
Something isn't working
Comments
This was referenced Apr 14, 2024
|
There are 3 other reports of this. One on Discord and: |
|
Thanks for reporting this! afaik we haven't changed anything w.r.t the provider. Checking if anything changed upstream |
J0
pushed a commit
that referenced
this issue
Apr 15, 2024
## What kind of change does this PR introduce? Fixes #1533 ## What is the current behavior? Attempting to signInWithOAuth with linkedin_iodc provider results in error 500 ## What is the new behavior? Attempting to signInWithOAuth with linkedin_iodc results in a successful login ## Additional context Error from Supabase Auth Logs: `oidc: id token issued by a different provider, expected \"https://www.linkedin.com\" got \"https://www.linkedin.com/oauth\"`
|
@omerhochman @GaryAustin1 something definitely changed on linkedin's end :( even their documentation is inconsistent - the discovery document shows the |
kangmingtay
added a commit
that referenced
this issue
Apr 15, 2024
## What kind of change does this PR introduce? * Linkedin introduced a breaking change by changing the issuer url in their discover document from `https://linkedin.com` to `https://linkedin.com/oauth` * Fixes #1533, #1534, [#22711](https://github.com/orgs/supabase/discussions/22711), [#22708](https://github.com/orgs/supabase/discussions/22708) ## What is the current behavior? Please link any relevant issues here. ## What is the new behavior? Feel free to include screenshots if it includes visual changes. ## Additional context Add any other context or screenshots.
J0
added a commit
that referenced
this issue
Apr 15, 2024
Combination of multiple commits. More context below: Fixes #1533 Attempting to signInWithOAuth with linkedin_iodc provider results in error 500 Attempting to signInWithOAuth with linkedin_iodc results in a successful login Error from Supabase Auth Logs: `oidc: id token issued by a different provider, expected \"https://www.linkedin.com\" got \"https://www.linkedin.com/oauth\"` fix: revert patch for linkedin_oidc provider error (#1535) Reverts #1534 Doesn't seem to work as expected. Directly testing against the API by calling `https://localhost:9999/?provider=linkedin_oidc will return a 404 error. fix: update linkedin issuer url (#1536) * Linkedin introduced a breaking change by changing the issuer url in their discover document from `https://linkedin.com` to `https://linkedin.com/oauth` * Fixes #1533, #1534, [#22711](https://github.com/orgs/supabase/discussions/22711), [#22708](https://github.com/orgs/supabase/discussions/22708) Please link any relevant issues here. Feel free to include screenshots if it includes visual changes. Add any other context or screenshots. chore(master): release 2.149.0 (#1532) :robot: I have created a release *beep* *boop* --- [2.149.0](v2.148.0...v2.149.0) (2024-04-15) * refactor generate accesss token to take in request ([#1531](#1531)) ([e4f2b59](e4f2b59)) * linkedin_oidc provider error ([#1534](#1534)) ([4f5e8e5](4f5e8e5)) * revert patch for linkedin_oidc provider error ([#1535](#1535)) ([58ef4af](58ef4af)) * update linkedin issuer url ([#1536](#1536)) ([10d6d8b](10d6d8b)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Revert "Merge branch 'master' into j0/allow_postgres_and_http_on_extensibility_point" This reverts commit 4311d7e, reversing changes made to 32fd777.
|
Looks like the issue is fixed, signInWithOAuth with linkedin_oidc works again! |
|
I am still seeing the |
|
@omerhochman Do I need to update the version? because I am still getting this error. |
|
Hey @jagatfx and @ahmedivy, I don't know why it fails for you, I did not change anything. They probably fixed an endpoint up here. I am actually using an old version of This is from my "@nuxtjs/supabase": "^0.3.8",And this is the usage: const result = await authClient.auth.signInWithOAuth({
provider: 'linkedin_oidc',
options: {
redirectTo: `${WEBAPP_URL}/onboarding`,
},
})Works for me. |
|
@omerhochman I am using with Nextjs "@supabase/ssr": "^0.3.0",
"@supabase/supabase-js": "^2.42.4",export const linkedInSignIn = async () => {
const supabase = createClient();
const origin = headers().get("origin");
const { data, error } = await supabase.auth.signInWithOAuth({
provider: "linkedin_oidc",
options: {
redirectTo: `${origin}/auth/callback`,
},
});
if (error) {
return redirect("/login?message=Could not authenticate user");
}
redirect(data.url);
}; |
|
@ahmedivy Were you able to get this issue fixed on your end? I am having the same issue. |
Thanks. I had to write into support and have them change a piece of my infrastructure setup. My GoTrue version was stuck at 2.148.0 but the fix is in 2.149.0. The settings are at https://supabase.com/dashboard/project/_/settings/infrastructure. 
|
uxodb
pushed a commit
to uxodb/auth
that referenced
this issue
Nov 13, 2024
## What kind of change does this PR introduce? Fixes supabase#1533 ## What is the current behavior? Attempting to signInWithOAuth with linkedin_iodc provider results in error 500 ## What is the new behavior? Attempting to signInWithOAuth with linkedin_iodc results in a successful login ## Additional context Error from Supabase Auth Logs: `oidc: id token issued by a different provider, expected \"https://www.linkedin.com\" got \"https://www.linkedin.com/oauth\"`
uxodb
pushed a commit
to uxodb/auth
that referenced
this issue
Nov 13, 2024
## What kind of change does this PR introduce? * Linkedin introduced a breaking change by changing the issuer url in their discover document from `https://linkedin.com` to `https://linkedin.com/oauth` * Fixes supabase#1533, supabase#1534, [#22711](https://github.com/orgs/supabase/discussions/22711), [#22708](https://github.com/orgs/supabase/discussions/22708) ## What is the current behavior? Please link any relevant issues here. ## What is the new behavior? Feel free to include screenshots if it includes visual changes. ## Additional context Add any other context or screenshots.
LashaJini
pushed a commit
to LashaJini/auth
that referenced
this issue
Nov 13, 2024
## What kind of change does this PR introduce? Fixes supabase#1533 ## What is the current behavior? Attempting to signInWithOAuth with linkedin_iodc provider results in error 500 ## What is the new behavior? Attempting to signInWithOAuth with linkedin_iodc results in a successful login ## Additional context Error from Supabase Auth Logs: `oidc: id token issued by a different provider, expected \"https://www.linkedin.com\" got \"https://www.linkedin.com/oauth\"`
LashaJini
pushed a commit
to LashaJini/auth
that referenced
this issue
Nov 13, 2024
## What kind of change does this PR introduce? * Linkedin introduced a breaking change by changing the issuer url in their discover document from `https://linkedin.com` to `https://linkedin.com/oauth` * Fixes supabase#1533, supabase#1534, [#22711](https://github.com/orgs/supabase/discussions/22711), [#22708](https://github.com/orgs/supabase/discussions/22708) ## What is the current behavior? Please link any relevant issues here. ## What is the new behavior? Feel free to include screenshots if it includes visual changes. ## Additional context Add any other context or screenshots.
LashaJini
pushed a commit
to LashaJini/auth
that referenced
this issue
Nov 15, 2024
## What kind of change does this PR introduce? Fixes supabase#1533 ## What is the current behavior? Attempting to signInWithOAuth with linkedin_iodc provider results in error 500 ## What is the new behavior? Attempting to signInWithOAuth with linkedin_iodc results in a successful login ## Additional context Error from Supabase Auth Logs: `oidc: id token issued by a different provider, expected \"https://www.linkedin.com\" got \"https://www.linkedin.com/oauth\"`
LashaJini
pushed a commit
to LashaJini/auth
that referenced
this issue
Nov 15, 2024
## What kind of change does this PR introduce? * Linkedin introduced a breaking change by changing the issuer url in their discover document from `https://linkedin.com` to `https://linkedin.com/oauth` * Fixes supabase#1533, supabase#1534, [#22711](https://github.com/orgs/supabase/discussions/22711), [#22708](https://github.com/orgs/supabase/discussions/22708) ## What is the current behavior? Please link any relevant issues here. ## What is the new behavior? Feel free to include screenshots if it includes visual changes. ## Additional context Add any other context or screenshots.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Version
@nuxtjs/supabase: tried both v1.2.0 and v0.3.8
nuxt: v3.6.5
When using signInWithOAuth with linkedin_oidc
It redirects back to the redirectTo URL with the following query params:
error=server_error&error_code=500&error_description=Error+getting+user+profile+from+external+provider#error=server_error&error_code=500&error_description=Error+getting+user+profile+from+external+providerWhen checking the Auth logs in the Supabase platform I found this error:
error: oidc: id token issued by a different provider, expected \"https://www.linkedin.com\" got \"https://www.linkedin.com/oauth\"","level":"error","method":"GET","msg":"500: Error getting user profile from external providerThe text was updated successfully, but these errors were encountered: