FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login
    1. Home
    2. atabakov
    A
    • Profile
    • Following 0
    • Followers 0
    • Topics 1
    • Posts 1
    • Best 0
    • Controversial 0
    • Groups 0

    atabakov

    @atabakov

    0
    Reputation
    1
    Profile views
    1
    Posts
    0
    Followers
    0
    Following
    Joined Last Online
    atabakov Unfollow Follow

    Latest posts made by atabakov

    • OAuth Complete Registration functionality breaks the authorization flow after upgrading to version 1.59.1

      Flow Before Version 1.59.1

      1. Open the registration page.
      2. Click "Google" (or another OAuth identity provider).
      3. Authorize with Google.
      4. Get redirected to the provided URL (my app).

      This flow was simple and straightforward.

      Flow After Version 1.59.1

      1. Open the registration page.
      2. Click "Google" (or another OAuth identity provider).
      3. Authorize with Google.
      4. The /oauth2/complete-registration page opens.
      5. The user is forced to provide a password (Why? The user wants to log in with Google and shouldn't need a password at this point. We don't need it either).
      6. The user clicks "Submit" on the complete registration page.
      7. The Sign In page opens (Why? The user should already be signed in).
      8. The user has to sign in again (Why? How do we explain that this is expected behavior and not a bug, especially right after a successful registration?).
      9. Finally, the user is redirected to the provided URL (my app).

      This adds unnecessary complexity and confusion. How can we avoid the complete registration page and redirect the user straight to the app? It's acceptable for the user to see the complete registration page, but it is not acceptable to force them to sign in again.

      posted in Comments & Feedback
      A
      atabakov