Server crashes when using OCID connection + Sign in with Apple #4701
Labels
Comments
piscis
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We're currently trying to setup CoralTalk together with a OCID ID provider (https://logto.io) using AppleID as a connector. It turns out when OCID token exchange is done the server crashes with a ValidationError: stating that name and picture must be a string and not null.
Because Apple SignIn does not return a "name" or "picture" logto returns a null instead of an empty string. The error seems to be caused in this two lines:
talk/server/src/core/server/services/oidc/oidc.ts
Lines 53 to 54 in 317fe8b
When forcing null values into empty strings before validation everything seams to work:
Example of the user user info provided to CoralTalk from LogTo.io after successful authentication via Apple SignIn:
{ "sub": "lxa7wl57jyjf", "name": null, "picture": null, "updated_at": 1732302616720, "username": null, "created_at": 1732291345221, "organizations": [], "organization_data": [], "organization_roles": [] }When forcing null values into empty strings everything seems to work. In case a new user registers and the name is an empty string CoralTalk asks for the username during the registration.
But I do not know if this could have some other implications for CoralTalk. Would be nice if someone could clarify.
Expected behavior:
It would be great if CoralTalk would allow null values for "picture" or "name" to make it possible to connect via login providers like "SignIn with Apple".
At least validation errors in the OCID connector should not crash the server.
Actual behavior:
It crashes the server and makes it impossible to use providers that do not provide name or picture information.
Related Issues:
no
Versions:
coralproject/talk:7The text was updated successfully, but these errors were encountered: