Search code examples
fluttersupabase

can I fully login with supabase on local and google OAuth on my flutter app?

I'm setting up a project with flutter based on supabase. The project logs in correctly when using a project hosted on supabase, on the other hand I'm having troubles setting it up with a local supabase running locally.

I don't know if I'm missing some settings or supabase running locally is currently ok only for frontend projects:

my config.toml excerpt:

[auth]
# The base URL of your website. Used as an allow-list for redirects and for constructing URLs used
# in emails.
site_url = "http://localhost:54321" 
# A list of *exact* URLs that auth providers are permitted to redirect to post authentication.
additional_redirect_urls = ["https://localhost:3000", "http://localhost:54321/auth/v1/callback"]

...

[auth.external.google]
enabled = true
client_id = "xxx.apps.googleusercontent.com"
secret = "xxx"
redirect_uri = "http://localhost:54321/auth/v1/callback"

not sure if redirect is ok like that. On my google project I have the same client secret and the same callback uri (redirect_uri) pasted above.

On flutter, when trying to log in I run the following:

[auth]
# The base URL of your website. Used as an allow-list for redirects and for constructing URLs used
# in emails.
site_url = "http://localhost:3000"
# A list of *exact* URLs that auth providers are permitted to redirect to post authentication.
additional_redirect_urls = ["https://localhost:3000", "http://localhost:3000/auth/v1/callback"]
# How long tokens are valid for, in seconds. Defaults to 3600 (1 hour), maximum 604,800 seconds (one
# week).
jwt_expiry = 3600
# Allow/disallow new user signups to your project.
enable_signup = true

...
      await Supabase.instance.client.auth.signInWithOAuth(
        Provider.google,
        redirectTo: 'my.registered.app://login-callback/',
      );

the project is running on an iphone simulator with access to localhost.

I can log in via google (then I guess the google settings are ok), but then the browser tries to open this redirection:

localhost:3000/#access_token=<THE-TOKEN>&expires_in=3600&provider_token=<THE-TOKEN>&refresh_token=<TOKEN>&token_type=bearer

and I get this as a response:

"no Route matched with those values"

in place of the redirection to the app. I guess I should use a different redirect_uri?

Solution

  • Answering myself: a further config value was missing.

    additional_redirect_urls needs the redirect value used along with signInWithOAuth. In the case case of the example I pasted my.registered.app://login-callback/:

    sign = ["https://localhost:3000", "net.bertamini.steadycalendar://login-callback/"]