Hi Bubble community,
I am trying to setup Bubble with an OAuth API and I cannot get it to work. I am using casdoor https://casdoor.org/ as an OAuth provider and below is my current setup
Here is an example output of the /get-account
endpoint:
{
"status": "ok",
"msg": "",
"sub": "4f89349a-275d-4753-88cf-714bbdeb4fb5",
"name": "user",
"data": {
"id": "4f89349a-275d-4753-88cf-714bbdeb4fb5",
"name": "user",
"email": "user@example.com",
...
}
After setting up the workflow and logging in through OAuth provider I get the following error:
âText too long for this fieldâ
My assumption is that because casdoor creates a fairly large JWT, the value of the token is too large for some setting in bubble. Is there a maximum length of the characters for the token? If so, can I increase this maximum?
I am currently on a free version to test things out and see if bubble will fit the requirements.
If not, should I look into ways to reduce the token size, generated from casdoor?
Thank you!
I am not sure if it is clear, but this is the error that I am having problems with:
It comes up after I visit the login page of the OAuth provider and login with my credentials.
This is also the documentation of the API for casdoor: Swagger UI
Have you tried working your own OAuth flow out with private key in header instead of using the oauth user agen flow?
Youâll need to make your own redirect page.
First step is to obtain a code to exchange for an access token; so, we open an external website at their authorize url like this:
You should create a page in your app called something like âoauth_redirectâ like this:
On page load of your oauth_redirect page should be an action to obtain the returned code, then the workflow to exchange the code for an access token and store it to your userâs data which might look like this.
Call to get access token
exchange âcodeâ for access token
now store the accesstoken and other data from the response to user data
1 Like
Thanks for the reply! Your solution sounds reasonable and makes sense. Let me check that and I will get back to say if it worked.
Do you have any idea what the âtext too long for fieldâ error could mean?
There might be a few reasons why it might say that. Thatâs why I always build my own OAuth 2.0 flow.
1 Like
do you know how to use the calculate random string syntax from bubble?
I donât know almost anything bubble related - so no
Why should I use it?
In any oauth flow youâll have to pass a âstateâ to the authorization request. it needs to be custom and complex to make sure itâs you.
Hello both,
Just read your discussion, I have the same message randomly with the SSO from Microsoft.
it just happen to max 4 accounts, and itâs ok for all the others
I canât find any info on the bubble logs, or on Azure.
Any idea, how can I see the field which is causing problems ?
@doug.burden : do you have demo page where I can see your setup to use the private key in header ?
Not sure itâs possible to do this way with Microsoft AADâŚ
For me the issue was caused because the token was indeed too long. It appears that bubble saves it somewhere in itâs backend and the length of it was longer than the anticipated length from bubble. Reducing the size drastically solved the issue for me.
Thanks for your answer.
Could you explain how you reduce the size ?
I was using an OAuth framework called casdoor. I modified the token type to be JWT-Empty
That way the token size was drastically reduced. I am not sure if this is going to help you though. You were using Microsoftâs AAD, right?
From what I read, I assume that you are facing the exact same problem. https://stackoverflow.com/a/32184461 This guy says that they are also very long.
My guess is that you need to figure out what information is being passed inside the JWT token and try to reduce it to only the most important things.