auth.linkIdentity with OAuthProvider.google redirects to [auth.site_url] and not the redirect url #1199
Description
Describe the bug
After the authentication flow in the browser triggered by linkIdentity using google as an OAuthProvider I get redirected to the site I have configured in the [auth.site_url] config (plus the query string with the authorization details), and not the callback.
To Reproduce
Steps to reproduce the behavior:
- Use
final res = await client.auth.linkIdentity(OAuthProvider.google); - Complete the authentication flow (decline or grant the access, it is still the same)
- I get a redirection to the page configured under [auth/site_url]
Expected behavior
The browser should redirect to the app.
Screenshots
Version (please complete the following information):
On Linux/macOS
dart pub deps | grep -E "supabase|gotrue|postgrest|storage_client|realtime_client|functions_client"
├── supabase_flutter 2.9.0
│ ├── supabase 2.7.0
│ │ ├── functions_client 2.4.2
│ │ ├── gotrue 2.12.0
│ │ ├── postgrest 2.4.2
│ │ ├── realtime_client 2.5.0
│ │ ├── storage_client 2.4.0
Extra
I have tried both, in local development and in a supabase.com instance
[auth]
enabled = true
# The base URL of your website. Used as an allow-list for redirects and for constructing URLs used
# in emails.
site_url = "http://localhost:3000"
# A list of *exact* URLs that auth providers are permitted to redirect to post authentication.
additional_redirect_urls = ["http://localhost:3000", "http://localhost:54321/auth/v1/callback"]
...
[auth.external.google]
enabled = true
client_id = "XXXXX.apps.googleusercontent.com"
secret = "env(SUPABASE_AUTH_EXTERNAL_GOOGLE_SECRET)"
# Overrides the default auth redirectUrl.
redirect_uri = "http://localhost:54321/auth/v1/callback"
# Overrides the default auth provider URL. Used to support self-hosted gitlab, single-tenant Azure,
# or any other third-party OIDC providers.
url = ""
skip_nonce_check = true