Redirect uri mismatch error when login with github (aggregate verifier)

grace · March 2, 2023, 4:03am

i want to create an aggregate verifier with google & github auth0 social login. however, when i try to login with github, the error is

Failed to execute ‘atob’ on ‘Window’: The string to be decoded is not correctly encoded.

the error url: OpenLogin

the allowed callback url in my auth0 dashboard & the authorisation callback url in the github application is:

this is where i suspect the error lies.

below is my code snippet, following the documentation examples.

useEffect(() => {
    const init = async () => {
      try {
        const web3auth = new Web3Auth({
          clientId,
          web3AuthNetwork: "testnet", 
          chainConfig: {
            chainNamespace: CHAIN_NAMESPACES.EIP155,
            chainId: "0x1",
            rpcTarget: "https://rpc.ankr.com/eth",
          },
          uiConfig: {
            loginMethodsOrder: ["google", "github", "email_passwordless"],
          }
        });

        const openloginAdapter = new OpenloginAdapter({
          adapterSettings: {
            uxMode: "popup",
            loginConfig: {
              // Add login configs corresponding to the provider
              // Google login
              google: {
                name: "Google Login", // The desired name you want to show on the login button
                verifier: "verifier", // Please create a verifier on the developer dashboard and pass the name here
                verifierSubIdentifier: "neah-agg-google",
                showOnModal: true,
                typeOfLogin: "google", // Pass on the login provider of the verifier you've created
                clientId: googleClientId, // use your app client id you got from google
              },
              // Add other login providers here
              // GitHub Login via Auth0
              github: {
                verifier: "verifier", // Pass the Verifier name here. eg. w3a-aggregate-verifier
                verifierSubIdentifier: "subverifier", // Pass the Sub-Verifier here. eg w3a-auth0
                typeOfLogin: "jwt", // Pass the type of login provider. For Auth0, it's jwt and not Auth0.
                clientId: auth0ClientId, // Pass the Auth0 `Client ID` here.
                showOnModal: true,
                jwtParameters: {
                  domain: auth0Domain, 
                  verifierIdField: "email", // This is mapped b/w google and github logins.
                  isVerifierIdCaseSensitive: false,
                },
              },
            }
          }
        });
        web3auth.configureAdapter(openloginAdapter);

        setWeb3auth(web3auth);

        await web3auth.initModal();

        if (web3auth.provider) {
          setProvider(web3auth.provider);
        };

      } catch (error) {
        console.error(error);
      }
    };

    init();
  }, []);

  const login = async () => {
    if (!web3auth) {
      uiConsole("web3auth not initialized yet");
      return;
    }
    var web3authProvider;
    web3authProvider = await web3auth.connect();

    // When user clicks GitHub button, use this to Login with GitHub via Auth0
    web3authProvider = await web3auth.connectTo("openlogin", {
      loginProvider: "github",
    });

    // When user clicks Email Passwordless button, use this to Login with Email Passwordless via Auth0
    web3authProvider = await web3auth.connectTo("openlogin", {
      loginProvider: "emailpasswordless",
    });

    // When user clicks Google button, use this to Login with Google
    web3authProvider = await web3auth.connectTo("openlogin", {
      loginProvider: "google",
    });


    setProvider(web3authProvider);
    console.log("set provider");
  };

appreciate any help!

shahbaz · March 2, 2023, 4:10am

Hey @grace

Please refer to this example (examples/App.tsx at main · Web3Auth/examples · GitHub) and follow the Aggregate Verifier setup explained here.

grace · March 2, 2023, 3:04pm

hi @shahbaz i did refer to the Aggregate Verifier setup from the documentation when creating my aggregate verifier.

and i also tried running the example code (with my own aggregate verifier), however, for github login, i am still facing the same issue, as attached below

i am suspecting that my github redirect url is wrong, however, i am not sure which url to include

one solution i found online was:
Turns out the callback URL Github was looking for is https://[AUTH0_TENANT].auth0.com/login/callback, NOT the callback URL declared in my Auth0 dashboard.

however, i am unsure what my callback url should be

shahbaz · March 3, 2023, 4:57am

Yes, the callback URL on GitHub would be https://[AUTH0_TENANT].auth0.com/login/callback.

I have created a sample app around these combinations here.

Also, here’s the live demo of the same.

grace · March 4, 2023, 3:56pm

yup, i did follow the sample app

how do i know what is my version of [AUTH0_TENANT]?

shahbaz · March 6, 2023, 4:55am

Go to your auth0 dashboard, and look for your domain, before .auth0.com is your [AUTH0_TENANT, in this screenshot, it’s shahbaz-torus.us

grace · March 8, 2023, 12:53am

hi thank you so much for your help! i think it worked!

however, when im trying to login with github auth, this error appeared,

Unable to detect login share from the Auth Network. This may be due to slow internet connection . Check your internet speed and try again.

this error still occurs after i changed my wifi connection. reading the documentation, there isn’t any solution with regards to this error.

shahbaz · March 8, 2023, 3:19am

Hey @grace

Can you share the browser console here?

grace · March 8, 2023, 3:27am

sure, here you go

let me know if you need more information

shahbaz · March 8, 2023, 3:40am

Do you see any errors in the console? Please share that, if any, because I don’t see an error here.

grace · March 8, 2023, 3:41am

also, what does point ii. mean? and how should i go about doing that? i have already added the github social connection to my auth0 application. thanks alot!

grace · March 8, 2023, 3:44am

nope, just these errors!

i’ve also tried your sample code, and i have the same issue with my github login

grace · March 14, 2023, 1:52am

hi @shahbaz

could you help me check if the configs here are correct? i’ve managed to fix one of my wrong config and now im facing another error

auth0 application URLs

left the auth0 github fields blank

github developer settings

shahbaz · March 14, 2023, 4:39am

Did you enable the Email address here?

Also, just to confirm, your verifier name is “verifier”?

grace · March 14, 2023, 5:37am

hi @shahbaz i’ve just enabled the Email address, but i’m still facing the same issue.

also should i insert the client ID and client secret (taken from github developer console?)

lastly, if you are referring to the web3auth’s aggregate verifier, i have a few of them. but the one im using is “neah-agg”

shahbaz · March 14, 2023, 6:54am

Yes, you should do that.

Ok, I was asking because the code you shared above doesn’t have that.

shahbaz · March 14, 2023, 8:39am

Hey @grace

By looking at the code snippet shared by you. It looks like you’re using @web3auth/modal SDK. To work with aggregate verifiers, @web3auth/core SDK works best. Here’s the code snippet with your details:

import { Web3AuthCore } from "@web3auth/core";
import { OpenloginAdapter } from "@web3auth/openlogin-adapter";

const clientId = "YOUR_WEB3AUTH_CLIENT_ID";
// get it from https://dashboard.web3auth.io by creating a Plug n Play project.

const web3auth = new Web3AuthCore({
  clientId,
  web3AuthNetwork: "testnet",
  chainConfig: {
    chainNamespace: CHAIN_NAMESPACES.EIP155,
    chainId: "0x1",
    rpcTarget: "https://rpc.ankr.com/eth",
  },
});

const openloginAdapter = new OpenloginAdapter({
  adapterSettings: {
    loginConfig: {
      // Google login
      google: {
        verifier: "neah-agg", // Pass the Verifier name here. eg. w3a-aggregate-verifier
        verifierSubIdentifier: "neag-agg-google", // Pass the Sub-Verifier here. eg w3a-google
        typeOfLogin: "google", // Pass the type of login provider.
        clientId: googleClientId, // Pass the Google `Client ID` here.
      },
      // GitHub Login via Auth0
      github: {
        verifier: "neah-agg", // Pass the Verifier name here. eg. w3a-aggregate-verifier
        verifierSubIdentifier: "neah-agg-auth0-github", // Pass the Sub-Verifier here. eg w3a-auth0
        typeOfLogin: "jwt", // Pass the type of login provider. For Auth0, it's jwt and not Auth0.
        clientId: auth0ClientId, // Pass the Auth0 `Client ID` here.
      },
    },
  },
});
web3auth.configureAdapter(openloginAdapter);

// Initialize
await web3auth.init();

// When user clicks Google button, use this to Login with Google
const web3authProvider = await web3auth.connectTo("openlogin", {
  loginProvider: "google",
});

// When user clicks GitHub button, use this to Login with GitHub via Auth0
const web3authProvider = await web3auth.connectTo("openlogin", {
  loginProvider: "github",
  extraLoginOptions: {
    domain: auth0Domain, // Pass the Auth0 Domain here, eg. https://web3auth.au.auth0.com
    // This corresponds to the field inside jwt, which must be used to uniquely identify the user.
    verifierIdField: "email", // This is mapped b/w google and github logins.
    isVerifierIdCaseSensitive: false,
  },
});

Also, looking closely at your verifier, the GitHub sub verifier is still using sub as the verifier id. Can you update your verifier to use email?

grace · March 15, 2023, 3:10am

hi @shahbaz would u mind look through the snippets of my code?

the web3auth console is detecting logins everytime i try to login. however, i am still facing the same error.

useEffect(() => {
    const init = async () => {
      try {
        const web3auth = new Web3AuthCore({
          clientId, // get from https://dashboard.web3auth.io
          chainConfig: {
            chainNamespace: CHAIN_NAMESPACES.EIP155,
            chainId: "0x1",
            rpcTarget: "https://rpc.ankr.com/eth",
          },
          web3AuthNetwork: "testnet",
        });

        const openloginAdapter = new OpenloginAdapter({
          adapterSettings: {
            network: "testnet",
            clientId,
            uxMode: "popup",
            loginConfig: {
              google: {
                verifier: "neah-agg",
                verifierSubIdentifier: "neah-agg-google",
                typeOfLogin: "google",
                clientId: googleClientId,
              },
              // auth0emailpasswordless: {
              //   verifier: "agg-google-emailpswd-github",
              //   verifierSubIdentifier: "w3a-email-passwordless",
              //   typeOfLogin: "jwt",
              //   clientId: "QQRQNGxJ80AZ5odiIjt1qqfryPOeDcb1",
              //   jwtParameters: {
              //     domain: "https://shahbaz-torus.us.auth0.com",
              //     // this corresponds to the field inside jwt which must be used to uniquely
              //     // identify the user. This is mapped b/w google and email passwordless logins of Auth0
              //     verifierIdField: "email",
              //     isVerifierIdCaseSensitive: false,
              //   },
              // },
              auth0github: {
                verifier: "neah-agg",
                verifierSubIdentifier: "neah-agg-auth0-github",
                typeOfLogin: "jwt",
                clientId: auth0ClientId,
              },
            },
          },
        });
        web3auth.configureAdapter(openloginAdapter);
        setWeb3auth(web3auth);

        await web3auth.init();
        if (web3auth.provider) {
          setProvider(web3auth.provider);
        }
      } catch (error) {
        console.error(error);
      }
    };

    init();
  }, []);

  const loginGoogle = async () => {
    if (!web3auth) {
      uiConsole("web3auth not initialized yet");
      return;
    }
    const web3authProvider = await web3auth.connectTo(
      "openlogin",
      {
        loginProvider: "google",
      }
    );
    setProvider(web3authProvider);
  };

const loginAuth0GitHub = async () => {
    if (!web3auth) {
      uiConsole("web3auth not initialized yet");
      return;
    }
    const web3authProvider = await web3auth.connectTo(
      "openlogin",
      {
        loginProvider: "auth0github",
        extraLoginOptions: {
          domain: "https://dev-0z06v8pr2esiyrhh.us.auth0.com",
          // this corresponds to the field inside jwt which must be used to uniquely
          // identify the user. This is mapped b/w google and github logins
          verifierIdField: "email",
          isVerifierIdCaseSensitive: false,
        }
      }
    );
    setProvider(web3authProvider);
  };

shahbaz · March 15, 2023, 3:27am

Code snippet looks good to me.

Have you checked email address on Auth0’s github social connection settings?

shahbaz · March 15, 2023, 3:59am

Also, did you do this?

Please go to your Web3Auth dashboard, and update your verifier to use email and not sub.