Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if youâre still stuck at the end, weâre happy to hop on a call to see how we can help out.
scope changes causing authentication to fail for EVEOnline provider
See original GitHub issueDescription đ
Scope parameter in EVEOnlline provider is being overwritten with âopenidâ
The EVEOnline provider requires there to be NO scope parameter. However in the provider code it is specified as âpublicDataâ but itâs not even using that?
..., wellKnown: "https://login.eveonline.com/.well-known/oauth-authorization-server", authorization: { params: { scope: "publicData", }, },
However, when the login URL is constructed we get this:
url: 'https://login.eveonline.com/oauth/authorize?client_id=*redacted*&scope=openid&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fapi%2Fauth%2Fcallback%2Feveonline&nextauth=signin%2Ceveonline&state=GejPhUb_qWw8yj03eDsaDqmuN-tL1BLmXy3iRYW2Z-E
See in the URL that scope=openid ⌠does anyone know why this is happening? EVEOnline reports a authentication error saying the scope is invalid. Is there a way to completely remove the scope parameter from the login URL?
Is this a bug in your own project?
Yes
How to reproduce âď¸
Use the auth provider for EVEOnline. Youâll need to get a developer API key which you can get from https://developers.eveonline.com/applications
Screenshots / Logs đ˝
Environment đĽ
System:
OS: Windows 10 10.0.19043
CPU: (8) x64 IntelŽ Core⢠i7-6700K CPU @ 4.00GHz
Memory: 4.19 GB / 15.93 GB
Binaries:
Node: 17.0.1 - E:\Program Files\nodejs\node.EXE
npm: 8.1.2 - E:\Program Files\nodejs\npm.CMD
Browsers:
Chrome: 97.0.4692.99
Edge: Spartan (44.19041.1266.0), Chromium (97.0.1072.69)
Internet Explorer: 11.0.19041.1202
npmPackages:
next: ^12.0.9 => 12.0.9
next-auth: ^4.0.0-beta.7 => 4.0.0-beta.7
react: 17.0.2 => 17.0.2
Contributing đđ˝
Yes, I am willing to help solve this bug in a PR
Issue Analytics
- State:
- Created 2 years ago
- Comments:5 (5 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
The Eve login endpoint does not return an
id_token, so the eve configuration should be specifyingidToken:falseinstead oftrue. This will lead to the login process trying to get at theuserinfo_endpointto look up user information, but the configuredwellKnownofhttps://login.eveonline.com/.well-known/oauth-authorization-serverdoes not provide that either.The solution is to copy the EVEOnline configuration to your local code, set
idTokentofalse, removewellKnown, and manually specifyauthorization,tokenanduserinfo.Update:
Adding the following code to the EVEOnline Provider options fixed the id_token problem:
token: { async request({ client, provider, params, checks }) { const tokens = await client.oauthCallback( provider.callbackUrl, params, checks ) tokens.id_token = tokens.access_token return { tokens } }, }The OAuth profile data is returned correctly as follows:
However I then get a new error: [next-auth][error][OAUTH_PARSE_PROFILE_ERROR]
After this error I see the following:
Iâm assuming the undefined error message is to do with profile and account being null? Does anyone know why this is?