Closed
Description
Bug report
- [✔] I confirm this is a bug with Supabase, not with my own application.
- [✔] I confirm I have searched the Docs, GitHub Discussions, and Discord.
Describe the bug
Seems iOS Supabase SDK incorrectly extracting URL parameters in some cases.
Example of URL: appscheme://login-callback?code=ecd160cb-bb4a-4db2-be0c-bcf0b3abe496#_=_
To Reproduce
Steps to reproduce the behavior, please provide code snippets or a repository:
- Make sure you are already logged in Facebook in mobile Safari
- Try to link Facebook identity to some Supabase account using ASWebAuthenticationSession (prefersEphemeralWebBrowserSession = false)
- See error of updating auth session with callback URL (invalidPKCEFlowURL)
Expected behavior
Such URLs should be handled properly
System information
- OS: iOS 17.4.1
- Browser: ASWebAuthenticationSession
- Version of supabase-swift: 2.8.2
Additional context
func extractParams(from url: URL) -> [Params] {
guard let components = URLComponents(url: url, resolvingAgainstBaseURL: false) else {
return []
}
if let fragment = components.fragment {
return extractParams(from: fragment)
}
if let queryItems = components.queryItems {
return queryItems.map {
Params(name: $0.name, value: $0.value ?? "")
}
}
return []
}According to the existing implementation fragment parameters will be returned immediately without merging with query items. Probably it's wrong (or maybe I just don't know the reason of such behavior)
Also not sure if it's correct from Facebook to respond with such callback URL but anyway seems we have all what we need there to proceed correctly.