Skip to content

refactor: replace node-oauth with openid-client#1698

Merged
balazsorban44 merged 39 commits into
nextfrom
feat/openid-client
Jul 20, 2021
Merged

refactor: replace node-oauth with openid-client#1698
balazsorban44 merged 39 commits into
nextfrom
feat/openid-client

Conversation

@balazsorban44

@balazsorban44 balazsorban44 commented Apr 12, 2021
edited
Loading

Copy link
Copy Markdown
Contributor

Continuation of #1105

We rely on a package that hasn't been updated in a very long time. We kind of depend on it even after this, as our new dependency doesn't support OAuth 1.0 anymore, but we will treat it as a legacy solution and will only provide minimal maintenance to it. There are a few bigger providers still using the old spec like Twitter, but new providers will hopefully rather rely on newer specs.

Our new choice openid-client is maintained properly by awesome people, and will help us with PKCE, state and other things that until now we had to do manually.

Checklist:

Related issues:
Closes #1048, closes #1305

@vercel

vercel Bot commented Apr 12, 2021
edited
Loading

Copy link
Copy Markdown

This pull request is being automatically deployed with Vercel (learn more).
To see the status of your deployment, click below or on the icon next to each commit.

🔍 Inspect: https://vercel.com/nextauthjs/next-auth/GisAQuwZvX71DZj5zDfs8ui3U9HJ
✅ Preview: https://next-auth-git-feat-openid-client-nextauthjs.vercel.app

@github-actions github-actions Bot added adapters Changes related to the core code concerning database adapters core Refers to `@auth/core` databases docs Relates to documentation pages providers labels Apr 12, 2021
This was referenced Apr 12, 2021
Closed
Closed
This was referenced Apr 19, 2021
Merged
Closed
@balazsorban44 balazsorban44 marked this pull request as ready for review April 24, 2021 21:39
@balazsorban44
Merge branch 'next'
7cd89ba 
Conflicts:
	app/pages/api/auth/[...nextauth].js
	package-lock.json
	package.json
	pages/api/auth/[...nextauth].js
	src/providers/bungie.js
	src/providers/google.js
	src/providers/mailru.js
	src/providers/vk.js
	src/providers/yandex.js
	src/server/index.d.ts
	src/server/lib/oauth/callback.js
	src/server/lib/oauth/client.js
	src/server/lib/signin/oauth.js
	www/docs/configuration/pages.md
@vercel vercel Bot temporarily deployed to Preview April 24, 2021 21:59 Inactive
@github-actions github-actions Bot removed databases pages providers adapters Changes related to the core code concerning database adapters labels Apr 24, 2021
@vercel vercel Bot temporarily deployed to Preview July 17, 2021 18:40 Inactive
@vercel vercel Bot temporarily deployed to Preview July 17, 2021 18:43 Inactive
@vercel vercel Bot temporarily deployed to Preview July 17, 2021 20:38 Inactive
@vercel vercel Bot temporarily deployed to Preview July 19, 2021 17:51 Inactive
@vercel vercel Bot temporarily deployed to Preview July 19, 2021 18:16 Inactive
@vercel vercel Bot temporarily deployed to Preview July 19, 2021 18:16 Inactive
@vercel vercel Bot temporarily deployed to Preview July 19, 2021 18:25 Inactive
@balazsorban44 balazsorban44 requested a review from ndom91 July 20, 2021 12:51
ndom91
ndom91 approved these changes Jul 20, 2021
View reviewed changes

@ndom91 ndom91 left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

@balazsorban44 balazsorban44 merged commit f06e4d2 into next Jul 20, 2021
@balazsorban44 balazsorban44 deleted the feat/openid-client branch July 20, 2021 12:52
@ndom91 ndom91 mentioned this pull request May 2, 2022
Closed
@sato11 sato11 mentioned this pull request Jul 26, 2022
Closed
3 tasks
mnphpexpert added a commit to mnphpexpert/next-auth that referenced this pull request Sep 2, 2024
@mnphpexpert
refactor: replace node-oauth with openid-client (nextauthjs#1698)
fc8d81c 
* chore(deps): add openid-client

* chore: merge in next

* refactor(provider): remove redundant requestUrl param

* feat(provider): make profile callback optional

* refactor: use openid-client for OAuth2/OIDC

* refactor: use openidClient in oauth signin handler

* refactor: use openidClient in oauth callback handler

* docs(warn): add async issuer/old config warnings

* chore(deps): remove jsonwebtoken

* chore: add issuer property for testing locally

* chore(dev): import providers one-by-one

* fix(oauth): handle when no user in body/query

* chore(deps): remove pkce-challenge

* chore(dev): change Auth0 protection

* refactor(oauth): simplify pkce/state

* refactor: split OAuth1 client, reduce openid client

will improve API in another PR

* chore: change comment, dev app

* chore: mention OIDC client config discovery

* fix: add new operator when creating OIDC client

* refactor: delete req.query.nextauth after use

* docs(ts): use `TokenSet` from `openid-client`

* chore: simplify/type signin route

* refactor: rename to client-legacy to indicate intnet of maintenance

* chore(deps): try setting `oauth` as optional peer dep

* chore(deps): add `oauth` back as regular dependency

* chore(deps): add @types/oauth as dev dependency

* chore: remove params kept for backwards compatibility

* chore: don't make breaking changes in this PR

* chore(core): use correct TS declarations

* refactor: move files/add more accurate types internally

* chore: remove TODO comment

* chore: catch all errors in authorization URL generation
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@0ubbe 0ubbe Awaiting requested review from 0ubbe

1 more reviewer

@ndom91 ndom91 ndom91 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

core Refers to `@auth/core` TypeScript Issues relating to TypeScript

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@balazsorban44 @codecov-commenter @ndom91