Hello
I'm having an issue with the functions side of my static web application using Azure Static Apps.
I've found that having a query parameter of 'code' is causing issues with my function
I've created a test trigger with the default HTTP trigger TypeScript code for an example.
import { AzureFunction, Context, HttpRequest } from "@azure/functions"
const httpTrigger: AzureFunction = async function (context: Context, req: HttpRequest): Promise<void> {
context.log('HTTP trigger function processed a request.');
const name = (req.query.name || (req.body && req.body.name));
const responseMessage = name
? "Hello, " + name + ". This HTTP triggered function executed successfully."
: "This HTTP triggered function executed successfully. Pass a name in the query string or in the request body for a personalized response.";
context.res = {
// status: 200, /* Defaults to 200 */
body: responseMessage
};
};
export default httpTrigger;
With no query parameter, works as intended
https://songkick.benbristow.co.uk/api/TestTrigger
With query parameter, works as intended
https://songkick.benbristow.co.uk/api/TestTrigger?name=Test
With unsupported query parameter, works as intended
https://songkick.benbristow.co.uk/api/TestTrigger?foo=bar
With code query parameter, 500 error
https://songkick.benbristow.co.uk/api/TestTrigger?code=code
This is causing issues for me handling an Oauth2 callback from Spotify which uses the 'code' query parameter.
Any idea to why this is happening and how this can be resolved? This was never an issue when deploying the code as a standalone function app as opposed to Azure Static Web Apps.
The source code is available here https://github.com/benbristow/songkick-spotify-playlist-generator
Thanks
Hey @benbristow ,
We have looked into this and are looking at potential solutions. For now the only workaround is to use a different query string parameter.
@miwebst Only just seen this comment, thanks.
Unfortunately I'm unable to change it as it's what Spotify redirects to (and I'm guessing other providers that implement OAuth2 too). I look forward to hearing your updates.
We鈥檝e identified the problem, but the fix will be part of a larger set of updates. Unfortunately there鈥檚 no firm ETA right now but it鈥檚 likely sometime early 2021.
OK. Good news. Found a workaround! 馃帀
Create a functions proxy that accepts a code parameter. Rewrite the URL to the actual function and replace code with some other parameter name. Take a look at the example here: https://github.com/anthonychu/20201115-test-swa-code-param/blob/main/api/proxies.json
Hopefully this will unblock you until we can get that fixed for good.
Awesome, cheers @anthonychu! Looking forward to seeing the fix next year.
Can confirm this workaround works a charm. Thanks again @anthonychu.
I'm hitting the same issue trying to use a functions endpoint for handling the OAuth2.0 flow. Another possible work around would be to change the response_mode in your auth request to form_post which will move all of the query parameters into the body of a POST request instead.
https://openid.net/specs/oauth-v2-form-post-response-mode-1_0.html
Most helpful comment
OK. Good news. Found a workaround! 馃帀
Create a functions proxy that accepts a
codeparameter. Rewrite the URL to the actual function and replacecodewith some other parameter name. Take a look at the example here: https://github.com/anthonychu/20201115-test-swa-code-param/blob/main/api/proxies.jsonHopefully this will unblock you until we can get that fixed for good.