Discord provider always sending the same data, even with different scopes
Description 🐜
So these past couple of days I tried to find a way to get additional data from the user using the Discord provider. Currently, as we all know, only the email, the name and the image get saved onto the session.
So in theory, as the documentation says, we can override what gets passed to the profile in the providers. I just did a test to see what next-auth gets in the provider profile from Discord’s API, and even if we add additional scopes, or even remove some of them, it always sends the same data, it doesn’t change. Because of this, we can’t add new stuff to the profile, because basically, it isn’t there.
In the past, I did stuff with authentication with Discord, and I know for a fact that the provider profile should pass everything we ask in the scopes. But with next-auth it doesn’t, so I believe it’s a next-auth bug.
Is this a bug in your own project?
No
How to reproduce ☕️
These are the options in [...nextauth].js:

    const options = {
      providers: [
        Providers.Discord({
          clientId: process.env.DISCORD_CLIENT_ID,
          clientSecret: process.env.DISCORD_CLIENT_SECRET,
          scope: "email identify guilds",
          profile(profile) {
            // This part is just a test to know what we get from the provider profile.
            console.log(JSON.stringify(profile));
            return {};
          },
        }),
      ],
      database: process.env.DATABASE_URL,
    };

And the data we get is always the following even if we add or remove scopes:

    {
      "id":"300537378991505418",
      "username":"EG Gamer",
      "avatar":"3fce5a1f73a33cf1886873f6b1e516fb",
      "discriminator":"7747",
      "public_flags":640,
      "flags":640,
      "banner":null,
      "banner_color":"#18191c",
      "accent_color":1579292,
      "locale":"en-GB",
      "mfa_enabled":true,
      "email":"*my email here*",
      "verified":true
    }

Screenshots / Logs 📽
These are the logs that I get when DEBUG is set to true:
[next-auth][debug][oauth_callback_protection] Added state to authorization params {
state: 'cab13b5b22d649208776522bd0d344e77e4031e885811a6b32eefec85f6f7653'
}
[next-auth][debug][get_authorization_url] https://discord.com/api/oauth2/authorize?response_type=code&prompt=none&scope=email%20identify%20guilds&state=cab13b5b22d649208776522bd0d344e77e4031e885811a6b32eefec85f6f7653&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fapi%2Fauth%2Fcallback%2Fdiscord&client_id=877609104493936692
[next-auth][debug][oauth_callback_protection] Comparing received and expected state {
state: 'cab13b5b22d649208776522bd0d344e77e4031e885811a6b32eefec85f6f7653',
expectedState: 'cab13b5b22d649208776522bd0d344e77e4031e885811a6b32eefec85f6f7653'
}
[next-auth][debug][profile_data] {
id: '300537378991505418',
username: 'EG Gamer',
avatar: '3fce5a1f73a33cf1886873f6b1e516fb',
discriminator: '7747',
public_flags: 640,
flags: 640,
banner: null,
banner_color: '#18191c',
accent_color: 1579292,
locale: 'en-GB',
mfa_enabled: true,
email: '*my email*',
verified: true
}
[next-auth][debug][oauth_callback_response] {
profile: {
id: '300537378991505418',
name: 'EG Gamer',
image: 'https://cdn.discordapp.com/avatars/300537378991505418/3fce5a1f73a33cf1886873f6b1e516fb.png',
email: '*my email*'
},
account: {
provider: 'discord',
type: 'oauth',
id: '300537378991505418',
accessToken: '*my accessToken*',
accessTokenExpires: null,
refreshToken: '*my refreshToken*',
idToken: undefined,
access_token: '*my accessToken*',
expires_in: 604800,
refresh_token: '*my refreshToken*',
scope: 'email identify guilds',
token_type: 'Bearer'
},
OAuthProfile: {
id: '300537378991505418',
username: 'EG Gamer',
avatar: '3fce5a1f73a33cf1886873f6b1e516fb',
discriminator: '7747',
public_flags: 640,
flags: 640,
banner: null,
banner_color: '#18191c',
accent_color: 1579292,
locale: 'en-GB',
mfa_enabled: true,
email: '*my email*',
verified: true,
image_url: 'https://cdn.discordapp.com/avatars/300537378991505418/3fce5a1f73a33cf1886873f6b1e516fb.png'
}
}
[next-auth][debug][typeorm_legacy__get_user_by_provider_account_id] discord 300537378991505418
[next-auth][debug][typeorm_legacy__get_user_by_provider_account_id] discord 300537378991505418
[next-auth][debug][typeorm_legacy__create_session] User {
id: 6120cff06e483e32ecb0068d,
name: 'EG Gamer',
email: '*my email*',
image: 'https://cdn.discordapp.com/avatars/300537378991505418/3fce5a1f73a33cf1886873f6b1e516fb.png',
createdAt: 2021-08-21T10:05:36.395Z,
updatedAt: 2021-08-21T10:05:36.395Z
}
[next-auth][debug][typeorm_legacy__get_session] 6761c46db1d3504db23718a663887eff4e2b6979cde74c3569e0aebba91e55a3
[next-auth][debug][typeorm_legacy__update_session] Session {
userId: 6120cff06e483e32ecb0068d,
expires: 2021-09-20T10:05:47.529Z,
sessionToken: '*sessionToken*',
accessToken: '*accessToken*',
id: 6120cffb6e483e32ecb00690,
createdAt: 2021-08-21T10:05:47.529Z,
updatedAt: 2021-08-21T10:05:47.529Z
}
[next-auth][debug][typeorm_legacy__get_user] 6120cff06e483e32ecb0068d
Environment 🖥
System: OS: Windows 10 10.0.19043 CPU: (4) x64 Intel® Core™ i5-7600 CPU @ 3.50GHz Memory: 8.17 GB / 15.96 GB
Binaries: Node: 12.18.4 - C:\Program Files\nodejs\node.EXE Yarn: 1.22.5 - C:\Program Files (x86)\Yarn\bin\yarn.CMD npm: 6.14.6 - C:\Program Files\nodejs\npm.CMD
Browsers: Chrome: 92.0.4515.159 Edge: Spartan (44.19041.1023.0), Chromium (92.0.902.73)
npmPackages: next: 11.1.0 => 11.1.0 next-auth: ^3.28.0 => 3.28.0 react: 17.0.2 => 17.0.2
Contributing 🙌🏽
No, I am afraid I cannot help regarding this
Issue Analytics
- Created 2 years ago
- Comments:15 (7 by maintainers)
https://github.com/nextauthjs/next-auth/pull/2411#discussion_r715939014 Was unfortunately mentioned in a PR but a month later and the discussion has just evaporated. Instead moving everything to discussions which can be helpful if discussing things other than missing documentation or functionality. Just my personal opinion but the solution is in bits and pieces with no clear information so docs need to be updated.
According to the docs for v4, setting the scope in the provider (as seen in the post above) should override the default. This doesn’t seem to be the case for the discord provider as it’s still only providing a token with the default scope.
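
Added example, not from the issue thread or from next-auth: in Discord's OAuth2 model the `guilds` scope does not add fields to the `/users/@me` profile; it authorizes the separate `/users/@me/guilds` endpoint. The sketch below checks the granted scope reported in the token response (`account.scope` in the debug log above) and fetches guilds with the access token; `auditGrant`, `fetchGuilds`, the sample account and the stubbed fetch are illustrative names and constructed data.

```javascript
// Added example: not next-auth or Discord code. Scope semantics per Discord's OAuth2 docs.
// Each scope unlocks fields or a separate endpoint; the profile call is always /users/@me.
const SCOPE_EFFECT = {
  identify: { endpoint: "/users/@me", unlocks: "user object without email" },
  email: { endpoint: "/users/@me", unlocks: "email and verified fields" },
  guilds: { endpoint: "/users/@me/guilds", unlocks: "list of partial guild objects" },
};

const parseScopes = (s) => new Set(String(s || "").split(/\s+/).filter(Boolean));

// Compare the scopes the app asked for with what the token response granted
// (the `scope` field of the `account` object in the debug log).
function auditGrant(requestedScope, account) {
  const requested = parseScopes(requestedScope);
  const granted = parseScopes(account.scope);
  return {
    missing: [...requested].filter((s) => !granted.has(s)),
    excess: [...granted].filter((s) => !requested.has(s)),
    endpoints: [...new Set([...granted].filter((s) => SCOPE_EFFECT[s])
      .map((s) => SCOPE_EFFECT[s].endpoint))],
  };
}

// Fetch guilds with the user's token; refuse if the scope was never granted.
// fetchImpl is injectable so the function can be exercised offline.
async function fetchGuilds(account, fetchImpl = globalThis.fetch) {
  if (!parseScopes(account.scope).has("guilds")) {
    throw new Error("guilds scope not granted; request it in the provider's scope option");
  }
  const res = await fetchImpl("https://discord.com/api/users/@me/guilds", {
    headers: { Authorization: `Bearer ${account.accessToken}` },
  });
  if (!res.ok) throw new Error(`Discord returned HTTP ${res.status}`);
  const guilds = await res.json();
  // Keep only what the app needs; do not log or store the access token itself.
  return guilds.map(({ id, name }) => ({ id, name }));
}

// Constructed sample shaped like the `account` object in the debug log.
const sampleAccount = { provider: "discord", accessToken: "PLACEHOLDER_TOKEN",
  scope: "email identify guilds" };
// Constructed stand-in for Discord's response, so this runs offline.
const fakeFetch = async () => ({ ok: true, status: 200,
  json: async () => [{ id: "1", name: "Example Guild", permissions: "0" }] });

console.log(auditGrant("email identify guilds", sampleAccount));
fetchGuilds(sampleAccount, fakeFetch).then((g) => console.log(g));
```

In next-auth v3 the `account` object is passed to the `jwt` callback at sign-in, which is where a call like this would normally sit. With `DEBUG` enabled the access and refresh tokens appear in the log output, so debug logs from a real deployment should be treated as secrets.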