Adds commands to start/rebuild/stop a Docker image of a sample Next.js app that loads the latest build of NextAuth.js from the current directory.
* `npm run test:app:start`
* `npm run test:app:rebuild`
* `npm run test:app:stop`
It is intended for further development for automated testing.
### About the build process
* The Dockerfile uses a multi-stage build process to optimise build performance, but the nature of the process is slow.
* Build times vary depending on computer speed and internet connection.
* Inital build times are slow (it may take 10 minutes or more).
* Subsequent builds on the same computer should be faster (1 minute or less).
* To ensure the package.json is valid, modules required in the next-auth package.json file are re-downloaded* on every build.
* A Docker compose file is used to allow us to extend the test app to run it again multiple databases.
Subsequent updates may look to improve performance, but it's important checks like checking package.json is valid and running the build in isolation are performed.
* Add cypress, testing-library/cypress and server dev helper to package dev dependencies
* Add initial signin test and placeholder cypress files
* Add initial signout tests
* Add initial verify-request test
* Move page-only tests into a 'pages' directory
* Add an invalid email signup workflow test
* Use home-page sign in button for email workflow
* Some tests to check that clicking the button takes the user to the correct OAuth page (warning: fragile!)
* Add a couple of npm scripts to make it easier to run/ developer e2e tests
Co-authored-by: Iain Collins <me@iaincollins.com>
Discord is migrating to discord.com, including their OAuth2 API routes. Support for the old domain, discordapp.com, will be dropped on 7 Nov 2020.
Note that the cdn.discordapp.com domain is unchanged. This is intentional, as the cdn domain will not be migrated due to technical restraints on Discord's side.
I was getting this error due to it being a string value.
```sh
[next-auth][error][jwt_session_error] JWTClaimInvalid: "auth_time" claim must be a JSON numeric value
at isTimestamp (/Users/alex/code/trufans/node_modules/jose/lib/jwt/verify.js:24:11)
at validateTypes (/Users/alex/code/trufans/node_modules/jose/lib/jwt/verify.js:159:3)
at Object.module.exports [as verify] (/Users/alex/code/trufans/node_modules/jose/lib/jwt/verify.js:236:3)
at Object.<anonymous> (/Users/alex/code/trufans/node_modules/next-auth/dist/lib/jwt.js:100:30)
at Generator.next (<anonymous>)
at asyncGeneratorStep (/Users/alex/code/trufans/node_modules/next-auth/dist/lib/jwt.js:22:103)
at _next (/Users/alex/code/trufans/node_modules/next-auth/dist/lib/jwt.js:24:194)
at /Users/alex/code/trufans/node_modules/next-auth/dist/lib/jwt.js:24:364
at new Promise (<anonymous>)
at Object.<anonymous> (/Users/alex/code/trufans/node_modules/next-auth/dist/lib/jwt.js:24:97) {
code: 'ERR_JWT_CLAIM_INVALID',
claim: 'auth_time',
reason: 'invalid'
}
```
Currently the Google Provider example will always fail due to checking for `email_verified` when the correct response from the server is `verified_email`
next-auth debug output for validation:
```
[next-auth][debug][profile_data] {
id: 'XXXXXXX',
email: 'nick@example',
verified_email: true,
name: 'Nick Parks',
given_name: 'Nick',
family_name: 'XXXX',
picture: 'XXXX,
locale: 'en',
hd: 'example.com'
}
```
