It isn’t clear how to get OAuth plugins (f.e. accounts-google) working well in Galaxy.
In my Push-to-Deploy settings I’ve set ROOT_URL to https://my-domain.com, but then in the app’s logs I see:
{
"line": "414",
"file": "oauth_server.js",
"message": "Error in OAuth Server: redirectUrl (https://my-app.com/onboarding) is not on the same host as the app (https://my-app.meteorapp.com/)",
"time": {
"$date": 1757436948760
},
"level": "warn"
}
and when I try to log in with Google I see the wrong redirect URL:
It should be working with your ROOT_URL set. We are trying to understand whether this behavior is a bug and, if so, which side is responsible for it: Galaxy or Meteor. Our OSS team is looking into it right now.
I see you also opened a support ticket on Galaxy. I’ll keep you updated there!
we use ROOT_URL to define the callback URL, as you can see at google_server.js and oauth_common.js, but not from the setting.json since “config” isnt used inside _redirectUri(...) (i’m doing a fews tests before open an issue to fix it)
I’d try adding the ROOT_URL env in Galaxy using the proper method, which is through settings.json, in the reserved section for environment variables in your host configuration.
I’m trying to have a unique ROOT_URL per deployment, from one code base, i.e. multiple *.meteorapp.com domains deployed from different branches (staging vs prod, etc).
settings.json only allows a single value for a given var, it seems.
I’ll try using --settings [file] in the “Deploy arguments” field instead.
EDIT: Using --settings worked.
That wasn’t so obvious, and one may easily assume that the environment variables in that push-to-deploy setup will work. The Meteor docs don’t mention these env vars. It would be more intuitive to write env vars in settings.json without the galaxy.meteor.com wrapper.
Thank you for your feedback, @trusktr! It is extremely valuable in helping us to continuously improve our documentation and guides for Galaxy. I will work to make this clearer in our documentation.