I'm using SAP Hybris and I want to integrate Kakao Social Login into my login page using Kakao's SDK.
The use case is as follows: when a user tries to log in to the login page at www.storefront.com/login/, they click on the Kakao Social Login button. This opens a Kakao popup where the user can enter their username/password. If everything is okay, Kakao sends a code in the callback directly to our backend. I then retrieve the access_token using this code to make a getUserInfo call. Once I retrieve the information, I display a progressive profiling popup to the user.
During my tests on my local environment, everything works fine, and the user's information is correctly displayed in the progressive profiling popup. However, when testing on the test server, if two users A and B are testing simultaneously, user A sees user B's information in the progressive profiling, and vice versa.
So, I would like to know if the callback doesn't identify the user who initiated the request and sends the callback to one of the two users randomly. If so, how can I ensure that the result of this callback is sent to the correct user?
Here is the endpoint I expose to Kakao:
    @RequestMapping(value = "/callback/kakao", method = RequestMethod.GET)
    public String callback(@RequestParam final String code, final HttpServletRequest request, final HttpServletResponse response, Model model) {
        String path = configurationService.getConfiguration().getString("redirect.uri.kakao");
        String accessToken = facade.getAccessTokenFromKakao(code, getFullRequestUrl(request, path));
        KakaoProfile profile = facade.getUserInfo(accessToken);
        populateData(model, profile);
        // The response page I must return; the profile is filled into the model with the necessary info inside the populateData method.
        return ControllerConstants.Pages.RESPONSE;
    }
Please let me know if the callback doesn't identify the user who initiated the request and how I can ensure that the correct user receives the result of the callback.
Here is the content of the Response page you return in the result:
    <%@ page trimDirectiveWhitespaces="true" %>
    <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
    <%@ taglib prefix="form" uri="http://www.springframework.org/tags/form" %>
    <%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
    <%@ taglib prefix="molecules" tagdir="/WEB-INF/tags/responsive/common/molecules" %>
    <%@ taglib prefix="atoms" tagdir="/WEB-INF/tags/responsive/common/atoms" %>
    <%@ taglib prefix="ycommerce" uri="http://hybris.com/tld/ycommercetags" %>
    <script>
        const progressiveProfilingHtml = "<spring:escapeBody javaScriptEscape="true"><pages:progressive-profiling/></spring:escapeBody>";
        window.addEventListener('beforeunload', () => {
            window.opener.postMessage(progressiveProfilingHtml, '*');
        });
        window.addEventListener("DOMContentLoaded", (event) => {
            window.close();
        });
    </script>
I return the HTML that is already filled with the data from the model.
And finally, I close the Kakao window to display the HTML of the progressive profiling on my site.
It may be a cache problem. Check which caching method you're using on the server, and try to hit the callback endpoint with multiple requests and compare the results.
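The question asks how to tie the `/callback/kakao` result to the user who started the login. One standard way is the OAuth 2.0 `state` parameter bound to the HTTP session, shown here as an added example that is not code from the post or from Kakao's SDK. It assumes the authorization request carries `state` and Kakao returns it unchanged on the callback; `OAuthStateGuard`, the attribute name and the `Map` standing in for `HttpSession` attributes are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;

/** Hypothetical helper: binds an OAuth login attempt to the session that started it. */
public class OAuthStateGuard {
    static final String ATTR = "kakao.oauth.state"; // assumed session attribute name
    private static final SecureRandom RNG = new SecureRandom();

    /** Call before opening the Kakao popup; send the result as the `state` query parameter. */
    static String issue(Map<String, Object> session) {
        byte[] raw = new byte[32];
        RNG.nextBytes(raw);
        String state = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        session.put(ATTR, state);
        return state;
    }

    /** Call first in the callback; exchange the code only when this returns true. */
    static boolean verify(Map<String, Object> session, String returnedState) {
        Object expected = session.remove(ATTR); // single use, consumed even on failure
        if (!(expected instanceof String) || returnedState == null) {
            return false;
        }
        // Constant-time comparison of the stored and returned values.
        return MessageDigest.isEqual(
                ((String) expected).getBytes(StandardCharsets.UTF_8),
                returnedState.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) {
        // Constructed stand-ins for the session attributes of two simultaneous users.
        Map<String, Object> sessionA = new HashMap<>();
        Map<String, Object> sessionB = new HashMap<>();
        String stateA = issue(sessionA);
        issue(sessionB);

        System.out.println("A's callback in A's session: " + verify(sessionA, stateA));
        System.out.println("A's state replayed:          " + verify(sessionA, stateA));
        System.out.println("A's state in B's session:    " + verify(sessionB, stateA));
    }
}
```

The check ties the `code` to one session; it does not protect data that the callback path keeps in shared places, such as a field of a singleton bean or a cached page.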