Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(adapter-nextjs): surface redirect error and sign-in timeout error #14116

Merged
merged 3 commits into from
Jan 10, 2025
Merged

feat(adapter-nextjs): surface redirect error and sign-in timeout error #14116

merged 3 commits into from
Jan 10, 2025

Conversation

HuiSF
Copy link
Member

@HuiSF HuiSF commented Jan 7, 2025

Description of changes

  1. surface redirect_uri errors (appended by Amazon Cognito) by appending error details as query parameters to redirectOnSignOutComplete
  2. surface sign-in flow timeout error by appending error details as query parameters to redirectOnSignOutComplete
    a. adjusted the timeout from 10 mins to 5 mins to align with Amazon Cognito Hosted UI behavior (see inline documentation link)

Issue #, if available

Description of how you validated changes

  • unit tests

Checklist

  • PR description included
  • yarn test passes
  • Unit Tests are changed or added
  • Relevant documentation is changed or added (and PR referenced)

Checklist for repo maintainers

  • Verify E2E tests for existing workflows are working as expected or add E2E tests for newly added workflows
  • New source file paths included in this PR have been added to CODEOWNERS, if appropriate

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@HuiSF HuiSF force-pushed the feat/server-auth/main branch from 778c2b6 to 07c5d70 Compare January 9, 2025 21:32
@HuiSF HuiSF requested a review from a team as a code owner January 9, 2025 21:32
@HuiSF HuiSF force-pushed the feat/server-auth/main branch from 07c5d70 to 778c2b6 Compare January 9, 2025 22:35
@HuiSF HuiSF force-pushed the hui/feat/server-auth/error-handling branch from 95a6929 to 91a0248 Compare January 10, 2025 17:19
jjarvisp
jjarvisp approved these changes Jan 10, 2025
View reviewed changes
Copy link
Member

@jjarvisp jjarvisp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me!

@HuiSF HuiSF merged commit 3f2f826 into feat/server-auth/main Jan 10, 2025
28 checks passed
@HuiSF HuiSF deleted the hui/feat/server-auth/error-handling branch January 10, 2025 22:27
HuiSF added a commit that referenced this pull request Jan 27, 2025
@HuiSF
feat(adapter-nextjs): surface redirect error and sign-in timeout error (
124e7fa 
#14116)

* feat(adapter-nextjs): surface redirect error and sign-in timeout error

* feat(adapter-nextjs): expose both error and errorDescription

* chore(adapter-nextjs): remove unnecessary undefined fallback
HuiSF added a commit that referenced this pull request Feb 11, 2025
@HuiSF
feat: support server-side auth flows with Cognito managed login (#14168)
825d338 
* feat(adapter-nextjs): add runtimeOptions.cookies to createServerRunner (#13788)

* feat(aws-amplify|adapter-nextjs): add runtimeOptions.cookies to createServerRunner

* chore: resolve comments

* chore(adapter-nextjs): adapt the latest impl. changes

* feat(adapter-nextjs): add createAuthRouteHandlers to createServerRunner (#13801)

* feat(aws-amplify|adapter-nextjs): add runtimeOptions.cookies to createServerRunner

* feat(adapter-nextjs): add createAuthRouteHandlers to createServerRunner

* chore(adapter-nextjs): resolve comments

* chore(adapter-nextjs): remove unnecessary check

* feat(adapter-nextjs): server-side auth flows integrating cognito hosted UI (#13827)

* chore(auth): export necessary utilities and types to support server-side auth

* chore(aws-amplify): export necessary utilities to support server-side auth

* feat(adapter-nextjs): server-side auth api route integrating cognito hosted ui

* chore(adapter-nextjs): resolve comments

* refactor(adapter-nextjs): remove redundant username fallback

* feat(adapter-nextjs): add user has signed in check before initiating sign-in and sign-up (#13839)

* feat(adapter-nextjs): add user has signed in check before initiating sign-in and sign-up

* chore(adapter-nextjs): rename hasUserSignedIn to hasActiveUserSession

* fix(adapter-nextjs): make createAuthRouteHandlers interface work in both App and Pages routers (#13840)

* feat(adapter-nextjs): set cookie secure: false with non-SSL domain (#13841)

* feat(adapter-nextjs): allow cookie secure: false with non-SSL domain

* fix(adapter-nextjs): wrong naming and impl. of isSSLOrigin

* chore(adapter-nextjs): resolve comment

* refactor(adapter-nextjs): use maxAge attribute to set cookie from server to avoid clock drift (#14103)

* fix(adapter-nextjs): wrong use of nullish coalescing (#14112)

* refactor(adapter-nextjs): remove redundant clockDrift cookie (#14114)

refactor(adapter-nextjs): remove redundant clockDrift cookie ⤵️

Reasons:
  1. token exachange is happening on a server - and production server rarely has wrong system time
  2. when setting token cookies from server, it uses Max-Age header which is relative to the client system time. Clock drift became irrelevant
  3. surely we can argue sever system time can go wrong too, however, a Next.js app API route can be executed on different servers (load balancing), there is no source of truth to generate a clock drift value

* chore: enable tag publishing for server-auth (#14115)

* fix(adapter-nextjs): wrong spot for checking app origin and auth config (#14119)

* fix(adapter-nextjs): not await params async API in Next.js 15 (#14125)

* feat(adapter-nextjs): surface redirect error and sign-in timeout error (#14116)

* feat(adapter-nextjs): surface redirect error and sign-in timeout error

* feat(adapter-nextjs): expose both error and errorDescription

* chore(adapter-nextjs): remove unnecessary undefined fallback

* chore(adapter-nextjs): add warning re: using http in production (#14134)

* fix(core): generateRandomString uses Math.random() (#14132)

* fix(core): generateRandomString uses Math.random()

* chore(core): use better test to test actual logic

* chore(aws-amplify/adapter-nextjs): remove extraneous deps (#14141)

* fix(adapter-nextjs): removing only tokens and LastAuthUser cookies (#14152)

* fix(adapter-nextjs): wrong cookie attributes get set sometimes (#14169)

* chore: add E2E tests for next.js server auth

* chore: disable tag release

* fix(aws-amplify|api): internals export paths
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AllanZhengYP AllanZhengYP AllanZhengYP approved these changes

@ashika112 ashika112 ashika112 approved these changes

@jjarvisp jjarvisp jjarvisp approved these changes

@sktimalsina sktimalsina Awaiting requested review from sktimalsina sktimalsina is a code owner

@cshfang cshfang Awaiting requested review from cshfang cshfang is a code owner

@pranavosu pranavosu Awaiting requested review from pranavosu pranavosu is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@HuiSF @AllanZhengYP @ashika112 @jjarvisp