How is a client secret created for new person?

[SimonLab]

I've been tested the login with email feature and found that the following line crash the application:
expected a map, got: nil on localhost
invalid AUTH_API_KEY/client_id please check. on heroku (once every two login attempt)

auth/lib/auth_web/controllers/auth_controller.ex

Lines 364 to 366 in a3dff03

	Enum.filter(apikeys, fn(k) ->
	k.client_id == client_id and state =~ k.url
	end) |> List.first() |> Map.get(:client_secret)

So the application doesn't manage to get a valid client_secret for the user so either it crashed when using the Map.get function on a nil value or it returns an error unauthorized with:

auth/lib/auth_web/controllers/auth_controller.ex

Lines 364 to 366 in a3dff03

	Enum.filter(apikeys, fn(k) ->
	k.client_id == client_id and state =~ k.url
	end) |> List.first() |> Map.get(:client_secret)

I think this is due to the referer not properly set up.
I continue to investigate to see why the referer url could produce this error

[SimonLab]

Removing manually the refer on the verification link from the email allow us to verify the email address and to access the key management page.

[SimonLab]

I think this is the cause of the issue:

auth/lib/auth_web/controllers/auth_controller.ex

Lines 69 to 73 in a3dff03

	false -> # no referer, redirect back to Auth app.
	AuthPlug.Helpers.get_baseurl_from_conn(conn) <> "/profile"
	|> URI.encode
	|> append_client_id(AuthPlug.Token.client_id())
	end

When there isn't a referrer, one is automatically created with a client_id.
I'm not sure about the logic yet so I need to check the AuthPlug.Token.client_id() function first

[nelsonic]

@SimonLab as we clarified on our Remote Pairing (Zoom) call,
the problem you were facing is that the seeds.exs file creates a API Key during mix ecto.setup which uses the default url for a Phoenix App: "www.example.com".
When the verify action attempts to lookup the client_secret from the state (URL) it will not match because "localhost:4000" !== "www.example.com" 😞

What you need to do to get this working on your localhost is edit two files:

First: the auth_url in the router.ex needs to be updated:

auth/lib/auth_web/router.ex

Line 31 in a3dff03

plug(AuthPlug, %{auth_url: "https://dwylauth.herokuapp.com"})

from: "https://dwylauth.herokuapp.com"
to: "http://localhost:4000"

And then in the seeds.exs file the "url" => "www.example.com"

auth/priv/repo/seeds.exs

Line 43 in a3dff03

"url" => "www.example.com" # the default host in %Plug.Conn

Needs to be: "url" => "http://localhost:4000"

Copy the resulting AUTH_API_KEY: value that is generated by mix ecto.setup into your .env file, run source .env and then re-run the app mix phx.server

Now it will work as you expect. 👍

The reason I have left the auth_url hard-coded in the router.ex file for MVP is just for simplicity. We can absolutely make it an Environment Variable in a next iteration.
I don't really care how many environment variables we have in the Auth app.
All I care is that our "Main" App https://github.com/dwyl/app only requires one.
Hence the effort made in PR #43 to create a single AUTH_API_KEY.
Which is demonstrated in: https://github.com/dwyl/auth_plug_example

Hope this helps clarify. 🤞
Thanks again for opening this issue. It helps me be more "Shoshin" in my work. ☯️

[nelsonic]

I have updated the seeds.exs to not overwrite the AUTH_API_KEY but instead use the existing one in .env. #85
Hope that makes life simpler.

[nelsonic]

When this App is run on localhost the seeds.exs script will create an App
but not overwrite the AUTH_API_KEY (thus client_id / client_secret) in the .env file.
Also, the AUTH_API_KEY will be printed to stdout for confirmation.
So I believe this issue is fixed.

@SimonLab if you still experience any blockers related to this issue, please re-open. Thanks! 👍