Description
Describe the bug
https://github.com/logto-io/js/blob/master/packages/next/server-actions/index.ts#L60
In this function handleSignIn
, if the passed in param searchParamsOrUrl
is not a instance of URL, it will construct a bad url for client.handleSignInCallback
to handle.
In the Next.js (App Router) tutorial, the sample code do pass a URLSearchParams
as searchParamsOrUrl
, so if your redirect url is not /callback, it will throw error callback_uri_verification.redirect_uri_mismatched
Expected behavior
Use the sample code given by Next.js (App Router) tutorial:
import { handleSignIn } from '@logto/next/server-actions';
import { redirect } from 'next/navigation';
import { NextRequest } from 'next/server';
import { logtoConfig } from '../logto';
export async function GET(request: NextRequest) {
const searchParams = request.nextUrl.searchParams;
await handleSignIn(logtoConfig, searchParams);
redirect('/');
}
Should handle login callback correctly.
How to reproduce?
Set redirect URI to any url other than http://hostname/callback, e.g. http://localhost:3000/api/auth/callback
handleSignIn will check the actual redirect url agains http://hostname/callback, result in a 'callback_uri_verification.redirect_uri_mismatched' error
Environment
Logto Cloud
Screenshots
No response