Commit Graph

101 Commits

Author SHA1 Message Date
Matthew Francis Brunetti
f498e9cd0a fix(react): allow imports from "next-auth/react" in RSC (#5718) 2022-11-05 23:09:51 +01:00
Henrik Wenz
060953dacf fix: support Next.js 13 (#5710)
* Migrate dev app to Next.js Version 13

* Update core types

* Fix middleware

https://github.com/nextauthjs/next-auth/issues/5649

* Use new ResponseCookie API

https://github.com/vercel/next.js/pull/41526
2022-11-04 03:32:48 +01:00
Balázs Orbán
d9df582fa8 feat(client): add refetchWhenOffline option (#4940)
* feat(client): add `refetchWhenOffline` option

* docs(client): document `refetchWhenOffline` option

* add TODO comment for next major

* feat: improve refetch hook logic

* fix: add todo back

* chore: small refactoring

Co-authored-by: Thang Vu <hi@thvu.dev>
2022-10-23 22:09:30 +07:00
Matsuoka
af840b2106 feat(providers): Add Todoist provider (#5253)
* feat: Add Todoist provider

* fix: use openid-client

* chore: add Todoist provider to issue template

Co-authored-by: Thang Vu <hi@thvu.dev>
2022-10-23 17:16:06 +07:00
jcdogo
ba89907d5a feat: Add allowDangerousEmailAccountLinking option for OAuth providers (#5513)
* Add opt-in for dangerous linking

* Add documentation for allowDangerousEmailAccountLinking option.

* Add link to FAQ.

* Fix nullish coalescing operator linting error.
2022-10-23 17:08:25 +07:00
Steven Tey
08eaeba79f docs: Fixed typo (#5609) 2022-10-21 10:07:13 +01:00
Mischa Spiegelmock
6758e1c6d1 refactor(core): allow trusting the forwarded host header (#5561)
* Non vercel-specific way to forward host header

* Update packages/next-auth/src/utils/detect-host.ts

Co-authored-by: Balázs Orbán <info@balazsorban.com>

Co-authored-by: Balázs Orbán <info@balazsorban.com>
2022-10-15 14:17:20 +02:00
Thang Vu
fe7aaeded8 fix(ts): TS Module Augmentation (#5556)
* fix: TS Module Augmentation

* match type to AdapterUser

* refactor authorize callback

* Apply suggestions from code review

* Apply suggestions from code review

* Apply suggestions from code review

Co-authored-by: Balázs Orbán <info@balazsorban.com>
2022-10-13 09:39:12 +07:00
Balázs Orbán
9a6d95c17c chore: fix TS lint 2022-10-10 02:11:46 +02:00
Ranjan Purbey
38a03ed7d8 feat(providers): Add Pinterest Provider (#5485)
* feat(providers): Add Pinterest Provider

* Apply suggestions from code review

* Update pinterest.ts

* Update pinterest.ts

* Apply suggestions from code review

Co-authored-by: Balázs Orbán <info@balazsorban.com>
2022-10-09 23:18:45 +01:00
Chris Abernethy
e1eb684cc6 fix(providers): change EVE Online to OAuth2 (#5459) 2022-10-10 00:16:17 +02:00
Balázs Orbán
6132c3fa75 fix(ts): match TS types better with implementation (#4953)
* refactor(ts): export `AdapterAccount` from `next-auth/adapters`

* chore: run linter, remove prisma warning

* fix(ts): match TS with implementation closer

* remove unused import

* rename error

* add missing dev dependency

* fix type

* fix type

* fix more types and tests

* remove unused `id`

* skip upstash tests in CI

* revert some changes

* fix type

* revert some change

* revert some change

* revert some change

* revert some changes

* update lock file

* revert line change

* revert some change

* improve adapter & oauth typing

* fix test, revert

* apply review suggestion

* Add test for new rejection logics

* Update assert.test.ts

* fix: Hubspot config

* restore some ts-expect-error

* fix: tests in mirko-orm

* fix: remove redundant id: string

* fix: use ts-expect-errors

* fix: simplify provider type

* fix: normalize user options

* restore ts-expect-errors

Co-authored-by: Thang Vu <hi@thvu.dev>
2022-10-09 21:54:01 +07:00
Philipp
490d59dd17 fix(middleware): improve handling of custom Next.js basePath (#5109)
* fix(middleware): improve handling of custom nextjs basePath

* fix(middleware): improve extraction of nextjs base path from req.nextUrl

* adapt to req.nextUrl.basePath

* Fix indent

* Add middleware test for custom-base and simplified code a little bit

* Fix indent

* Add another test

* Rename basePath and nextJsBasePath

* Fix lint error
2022-10-09 11:31:28 +07:00
Max Peintner
d13997e140 feat(providers): ZITADEL provider (#5479)
* feat: zitadel provider

* Update packages/next-auth/src/providers/zitadel.ts

Co-authored-by: Balázs Orbán <info@balazsorban.com>

* Update packages/next-auth/src/providers/zitadel.ts

Co-authored-by: Balázs Orbán <info@balazsorban.com>

Co-authored-by: Balázs Orbán <info@balazsorban.com>
2022-10-06 09:44:21 +02:00
Eric Carboni
0a4b99de3b chore(docs): update middleware documentation link (#5492)
closes #5489
2022-10-04 19:25:56 +02:00
Tom Freudenberg
97feae7916 fix(types): export SessionContext #5437 (#5438)
Co-authored-by: Lluis Agusti <hi@llu.lu>

Fixes #5437
2022-09-28 18:48:42 +02:00
Balázs Orbán
6deccf610f fix(core): return JSON for non-HTML server route errors (#5442)
* fix(core): return JSON for non-HTML server route errors

* refactor: throw in `unstable_getServerSession`

* test: expect `unstable_getServerSession` to throw

* refactor: destructure

* fix unrelated test formatting

* catch error page
2022-09-28 17:01:39 +01:00
Etienne Martin
f770b90219 fix(react): safe use of localStorage API (#5444)
fix: safe use of localstorage

Co-authored-by: Etienne <>
2022-09-28 16:54:07 +01:00
Matt Oliver
965c6267e2 feat(core): make session token with DB session strategy customizable (#5328)
* Add option for custom generateSessionToken

* Apply suggestions from code review

* Apply suggestions from code review

Co-authored-by: Balázs Orbán <info@balazsorban.com>
2022-09-25 10:26:59 +01:00
Eng Zer Jun
44f2a47e6e fix(middleware): use includes() for NextAuth pages (#5104)
* fix(middleware): use `includes()` for NextAuth pages

Some users could be setting their `signIn` and `error` pages option to
`/` to disable the automatically generated pages, as suggested in [1].

This commit reverts the behaviour for matching `signIn` and `error`
pages in `handleMiddleware` to pre-v4.10.3.

```
const signInPage = "/"
const errorPage = "/"
const publicPaths = [signInPage, errorPage, "/_next", "/favicon.ico"]

// pathname = "/" will return true
publicPaths.some((p) => pathname.startsWith(p))
```

Fixes: aedabc8d ("fix: avoid redirect on always public paths")
Reference [1]: https://github.com/nextauthjs/next-auth/discussions/2330#discussioncomment-1678298
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>

* test(middleware): add tests for public paths

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
Co-authored-by: Thang Vu <thvu@hey.com>
2022-09-18 11:07:46 +07:00
Mircea Trofimciuc
a0beb02f77 feat(providers): Add HubSpot Provider (#4633)
* Typos fix

* Added HubSpot Provider

* updates to profile

* Update docs/docs/providers/hubspot.md

Co-authored-by: Thang Vu <31528554+ThangHuuVu@users.noreply.github.com>

* fixed typo and outsourced required fields

* removing redirectURL from the provider config

* replaced with "client_secret_post" client method

Co-authored-by: Thang Vu <31528554+ThangHuuVu@users.noreply.github.com>
2022-09-11 10:43:28 +07:00
Balázs Orbán
44aaa6f1c3 chore: turbo cleanup (#4951)
* clean up `package.json` files

* chore(ts): make sure `next-auth/next` does not conflict with `next`

* simplify `turbo.json`

* fix: apply suggestion

* simplify doc dev command

* ignore upstash redis again

* ignore mikro orm for now

* chore: dev command

* update lock file

* update css path for dev only

* Update apps/dev/package.json

Co-authored-by: Thang Vu <thvu@hey.com>
2022-09-08 16:43:16 +02:00
Roberto Romero
ba20974b5f fix(providers): use client_secret_post token auth for LinkedIn (#5236)
* Send client_id and client_secret to linkedin

Linkedin now requires client_id and client_secret to be
sent in the oauth callback. Fixes #5220

* Update linkedin.ts

Co-authored-by: Thang Vu <thvu@hey.com>
Co-authored-by: Balázs Orbán <info@balazsorban.com>
2022-09-07 17:57:45 +02:00
Michael Angelo
f1d3bc26f9 fix(providers): convert Strava Provider to TS (#5241)
* update strava

* add localhost fallback

* lint & small updates

* Update docs/versioned_docs/version-v3/providers/strava.md

Co-authored-by: Lluis Agusti <hi@llu.lu>

* fix

* Delete yarn.lock

* Apply suggestions from code review

Co-authored-by: Lluis Agusti <hi@llu.lu>
Co-authored-by: Balázs Orbán <info@balazsorban.com>
2022-09-06 17:06:51 +01:00
Jonny
d3571e01ba fix: Change getToken parameter type to required (#5245)
* changed getToken parameter type to required

* removed redundant nullish coalescing operator

Co-authored-by: Thang Vu <thvu@hey.com>
2022-09-02 12:34:40 +07:00
Melanie Seltzer
a82cbf5ddf fix: return null in unstable_getServerSession if there's an error (#5218)
* fix: return null in unstable_getServerSession if there's an error

* Remove status check and instead check body is not a string

* Combine similar tests
2022-08-31 09:19:14 +07:00
Brian Muenzenmeyer
d980fa986b chore(types): fix typo in comment (#5207) 2022-08-23 18:58:50 +02:00
Junichi Sato
3131971e2c fix: Use consistent error type between doc, logger and error class (#5046)
* Keep error from being logged twice

The same errors have been logged, firstly before throwing
OAuthCallbackError, later in the catch-clause of it.

This commit removes the former and lets the latter survive,
because logging functionality seems better to reside in the
same neighborhood.

* doc: Merge CALLBACK_OAUTH_ERROR to OAUTH_CALLBACK_ERROR

* doc: This particular error from openid-client comes with SIGNIN_OAUTH_ERROR

* Provide logger with `providerId`

Co-authored-by: Thang Vu <thvu@hey.com>

Co-authored-by: Thang Vu <thvu@hey.com>
2022-08-22 14:46:30 +07:00
James
d349ae2b1b Feature/nonce check type (#4100)
* feat: add nonce check type

* Update types import for nonce-handler.ts

* Update packages/next-auth/src/core/lib/oauth/callback.ts

Co-authored-by: Thang Vu <thvu@hey.com>

* Add further info to debug msg as per PR suggestion

* Cast OauthChecks as OpenIDCallbackChecks

* Update order of imports as per PR suggestion

Co-authored-by: Hamid Adelyar <hamid.adelyar@bjss.com>
Co-authored-by: hamidbjss <98807568+hamidbjss@users.noreply.github.com>
Co-authored-by: Thang Vu <thvu@hey.com>
2022-08-16 17:07:42 +07:00
Moritz Kneilmann
a03657e615 fix(providers): Add appid param to Azure AD wellKnown URL (#5138)
This fixes: #5137
Relevent documentation:
> If the application has custom signing keys as a result of using the claims-mapping feature, append an appid query parameter that contains the application ID to get a jwks_uri that points to the signing key information of the application, which should be used for validation.

https://docs.microsoft.com/en-us/azure/active-directory/develop/access-tokens#validating-the-signature
2022-08-12 14:26:21 +02:00
Balázs Orbán
afb1fcdae3 fix(providers): add normalizeIdentifier to EmailProvider
* fix(providers): add `normalizeIdentifier` to EmailProvider

* docs: document `normalizeIdentifier`

* fix: allow throwing error from normalizer

* test: add e-mail tests

* chore: log provider id

* test: merge client+config jest configs and add coverage report

* test: show coverage for untested files

* fix: only allow first domain in email. Add tests

* chore: add `coverage` to tsconfig exclude list

* cleanup

* revert

Co-authored-by: Thang Vu <thvu@hey.com>
2022-08-01 13:43:19 +02:00
Gavin Fogel
a21db8950f fix(ts): fix jsdoc link to documentation (#5039) 2022-07-28 06:54:01 +02:00
Balázs Orbán
aedabc8d3f fix: avoid redirect on always public paths (#5000)
* type safe babel config

* avoid auth redirect for `_next`

* force render default error page on user miconfig

* add slash to _next path

* use `.some`

* add docs

* change from localhost

* add favicon to public path
2022-07-24 00:45:56 +02:00
Balázs Orbán
0ea96796b2 fix: improve logger (#4970)
* fix: add debug warning, only show warnings once

* fix: prefer `debug` for details

* remove url

* test: fix tests

* Update docs/docs/errors.md

Co-authored-by: Thang Vu <31528554+ThangHuuVu@users.noreply.github.com>

* Update callback.ts

Co-authored-by: Thang Vu <31528554+ThangHuuVu@users.noreply.github.com>
2022-07-21 16:00:16 +02:00
Balázs Orbán
61b92ec1b6 chore: revert type assertion 2022-07-19 16:57:16 +02:00
Balázs Orbán
282f7ab340 fix(ts): fix Middleware internal type 2022-07-19 16:46:13 +02:00
Yoann Fleury
2725d07eb7 fix(providers): migrate GitLab provider to TS (#4929) 2022-07-17 04:47:15 +02:00
Balázs Orbán
042955eaaa fix(providers): allow issuer in Azure AD B2C 2022-07-16 14:20:31 +02:00
Balázs Orbán
46eedee3c8 fix(ts): remove TS workaround for withAuth (#4926)
* fix(ts): improve Middleware types

* docs: remove TS workaround for Middleware

* ignore lint

* simplify
2022-07-15 04:39:15 +02:00
Balázs Orbán
bb664a27da fix(providers): typo in GitHub provider scope (#4938) 2022-07-15 04:38:42 +02:00
Balázs Orbán
a14fbea0b5 chore: add TODO comment for next major 2022-07-15 02:41:09 +02:00
Balázs Orbán
4705632c6b chore: add TODO comment for next major version 2022-07-15 02:38:59 +02:00
S. Suzuki
8853000fd5 fix(ts): handleMiddleware return type can be NextMiddlewareResult (#4818)
Co-authored-by: Lluis Agusti <hi@llu.lu>
2022-07-14 00:20:19 +02:00
mshd
3666e438a3 refactor(providers): convert GitHub provider to TypeScript (#4908)
* rewrite github provider in typescript

* rename md js endings

* Update packages/next-auth/src/providers/github.ts

Co-authored-by: Balázs Orbán <info@balazsorban.com>

* add eslint disable next line

Co-authored-by: Balázs Orbán <info@balazsorban.com>
2022-07-13 14:07:24 +02:00
Aliaksei Tayanouski
cdf467eba1 fix(providers): fix VK provider and convert to TS (#3709)
* renamed vk provider file extension to .ts

* lint issue fix

* vk provider fix

* formatting fix

* remove user_id from tokens

* Update src/providers/vk.ts

Co-authored-by: Balázs Orbán <info@balazsorban.com>

* Update src/providers/vk.ts

Co-authored-by: Balázs Orbán <info@balazsorban.com>

* user interface additions

Co-authored-by: Balázs Orbán <info@balazsorban.com>
2022-07-13 14:04:55 +02:00
nkg
1b91282402 fix(ts): use correct type for nodemailer config in the EmailProvider (#4097)
Co-authored-by: Thang Vu <31528554+ThangHuuVu@users.noreply.github.com>
2022-07-12 02:50:09 +02:00
William Crutchfield
af3c2dd33d fix(ts): typo in Azure Active Directory Provider (#4895) 2022-07-11 18:24:09 +02:00
mshd
c22d613774 feat(providers): Add Wikimedia Oauth Provider (#4813)
* Add Wikimedia Oauth Provider

* add docs

* Update wikimedia.md

* Update wikimedia.md

* Update wikimedia.md

Co-authored-by: Nico Domino <yo@ndo.dev>
2022-07-10 19:38:01 +02:00
Luiz Bett
c1f7ce3436 fix(ts): make colorScheme optional (#4868)
Documentation says if it is not passed it will be "auto", but it is mandatory on this type.
2022-07-08 19:24:30 +02:00
sean-nicholas
c59a4e04d1 fix(middleware): allow secret as option in Middleware (#4846)
*  provide secret via config

* 🐛 make secret optional

* 📝 docs for middleware and env var

* 📝  recommendation at the end of paragraph

Co-authored-by: Balázs Orbán <info@balazsorban.com>
2022-07-07 14:14:21 +02:00