We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Darwin
v20.11.1
3.12.4
3.13.0
2.9.7
pnpm@8.15.4
-
modules
extends
future
css
app
runtimeConfig
auth
compatibilityDate
@nuxtjs/tailwindcss@6.12.1
@nuxt/fonts@0.7.2
@vueuse/nuxt@10.11.1
@sidebase/nuxt-auth@0.8.2
It is hard to reproduce this error without sharing the secrets.
import { decode } from 'jsonwebtoken' import AzureAdProvider from 'next-auth/providers/azure-ad' import { NuxtAuthHandler } from '#auth' async function callRefreshToken(accessToken: any) { const url = `https://login.microsoftonline.com/${process.env.AZURE_AD_TENANT_ID}/oauth2/v2.0/token`; const req = await fetch(url, { method: 'POST', headers: { 'Content-Type': 'application/x-www-form-urlencoded', }, body: `grant_type=refresh_token` + `&client_secret=${process.env.AZURE_AD_CLIENT_SECRET}` + `&refresh_token=${accessToken.refreshToken}` + `&client_id=${process.env.AZURE_AD_CLIENT_ID}`, }); const res = await req.json(); return res; } async function refreshAccessToken(accessToken: any) { try { console.log('Previous token expires at', new Date(accessToken.accessTokenExpires)); console.log('Refreshing access token...'); const msToken = await callRefreshToken(accessToken); console.log('New token received'); setAccessToken(accessToken, msToken); console.log('Access token refreshed'); console.log('Next token expires at', new Date(accessToken.accessTokenExpires)); return accessToken; } catch (error) { console.error(error); return { ...accessToken, error: 'RefreshAccessTokenError', }; } } // Persist the access_token in the encrypted JWT. function setAccessToken(jwt: any, msToken: any) { if (!msToken) { return; } if (msToken.access_token) { const decoded = decode(msToken.access_token) jwt.accessToken = msToken.access_token; if (decoded && typeof decoded !== 'string') jwt.roles = decoded.roles; } if (msToken.expires_at) jwt.accessTokenExpires = msToken.expires_at * 1000; else if (msToken.expires_in) jwt.accessTokenExpires = Date.now() + msToken.expires_in * 1000; jwt.refreshToken = msToken.refresh_token; } export default NuxtAuthHandler({ // A secret string you define, to ensure correct encryption secret: process.env.AUTH_APP_SECRET, pages: { signIn: '/auth/signIn', signOut: '/auth/signOut', error: '/auth/error', verifyRequest: '/auth/verifyRequest', newUser: '/auth/new-user' }, callbacks: { async jwt({ token, account, profile }) { setAccessToken(token, account); if (token.accessTokenExpires && Date.now() < token.accessTokenExpires) { return token; } return refreshAccessToken(token); }, async session({ session, token }) { // Make access token available on the client. session.roles = token.roles; return session; }, }, providers: [ // @ts-expect-error You need to use .default here for it to work during SSR. May be fixed via Vite at some point AzureAdProvider.default({ clientId: process.env.AZURE_AD_CLIENT_ID, clientSecret: process.env.AZURE_AD_CLIENT_SECRET, tenantId: process.env.AZURE_AD_TENANT_ID, authorization: { params: { scope: `openid offline_access profile api://Boss-Dev/Admin`, }, }, }) ] })
auth: { originEnvKey: 'NUXT_AUTH_ORIGIN', provider: { type: "authjs", defaultProvider: "azure-ad" }, globalAppMiddleware: { isEnabled: true, }, sessionRefresh: { enablePeriodically: 30000, enableOnWindowFocus: true, } },
When I remove custom pages and use the pages from the package, the callback url is working ok and redirects me to the intended page.
I think it might be somehow related to #857
When I set custom pages it attaches callbackUrl to the query string but built-in pages do not add callbackUrl to the query string. e.g.
http://localhost:3000/auth/signIn?callbackUrl=http://localhost:3000/my-protected-data
http://localhost:3000/api/auth/signin
It might be related to #883, since that body (URLSearchParams) also contains callbackUrl
No response
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Environment
Darwin
v20.11.1
3.12.4
3.13.0
2.9.7
pnpm@8.15.4
-
modules
,extends
,future
,css
,app
,runtimeConfig
,auth
,compatibilityDate
@nuxtjs/tailwindcss@6.12.1
,@nuxt/fonts@0.7.2
,@vueuse/nuxt@10.11.1
,@sidebase/nuxt-auth@0.8.2
-
Reproduction
It is hard to reproduce this error without sharing the secrets.
Describe the bug
nuxt config
When I remove custom pages and use the pages from the package, the callback url is working ok and redirects me to the intended page.
I think it might be somehow related to #857
Additional context
When I set custom pages it attaches callbackUrl to the query string but built-in pages do not add callbackUrl to the query string. e.g.
http://localhost:3000/auth/signIn?callbackUrl=http://localhost:3000/my-protected-data
http://localhost:3000/api/auth/signin
It might be related to #883, since that body (URLSearchParams) also contains callbackUrl
Logs
No response
The text was updated successfully, but these errors were encountered: