I am integrating a custom OAuth service into my app, and while the login is succeeding, it always logs me in as the same user. Basically the first time I use the service (where there are no existing users from that service in the Backendless DB), it works great and creates the corresponding user in Backendless. However, for any subsequent logins, it always logs in as the same user that was used for the first login, regardless of what user was actually used.
Example scenario:
0. No existing users from my OAuth service exist in Backendless at this point
- User logs in via OAuth as user1@mysite.com
- User is redirected back to app, user1@mysite.com is created in Backendless and user is logged in as that user
- User logs in via OAuth as user2@mysite.com
- User is redirected back to app, but user is logged in as user1@mysite.com, not user2@mysite.com, and user2@mysite.com is never created in the Backendless database
The format returned from the User Info endpoint is this:
{"sub":"12345","name":"Test1 Test1","email":"user1@mysite.com"}
(yes, I have verified from the server logs that it is returning the correct information)
Here are my field mappings:
{"name":"name","email":"email"}
Is there anything I’m missing here? Do I need to provide any information about the user other than what I’m returning from the user info endpoint?
Hi. I’ve created the task for deeper investigation.
We’ll post here the progress.
Hi @Jacob_Goldberg ,
It looks more like a problem of OAuth service itself or custom login provider settings in the app.
Flow on the server side is simple:
- Generate auth url.
- User opens page via that URL on the side of OAuth service.
- After successful login on the OAuth service side this service will call Backendless and pass special code to it.
- Backendless will then exchange code on access token and will obtain user data using that token.
- Basing on one of fields from that user data (usually email if identity column in the Backendless app was not changed for “Users” table) it will try to locate existing user.
- If no existing user is located Backendless will create a new one with email extracted from user data provided by OAuth service. If user with such email already exists Backendless will login existing one. At the end system will return to the client user data with auth token or perform redirect to the special page.
Have you changed identity column for “Users” table in your app?
Could you please provide your app ID and your custom provider name so I can look closer to the problem?
Regards, Andriy
The app ID is FXBK, and the custom provider name is “OTASsoTest”. Note that it’s currently still a prototype so the OAuth server is only running when I am actually using it.
I have not modified the identity column for the users table, it’s still email. The user info endpoint just returns the email, name, and ID (identified as “sub”).
@Jacob_Goldberg ,
Sorry, I am misguided you regarding how system looks for existing user using OAuth service user data.
In fact it always relies on user ID returned by OAuth service. Could you please update your fields mappings to include next part "sub": "id" and try to login one more time?
Regards, Andriy
That did the trick, thank you!