fix(logger): properly end request every time (#1557 )

* fix(logger): properly end request every time * chore: fix linting
fix(provider): reject access token if slack login flow was canceled (#1544 )
2026-05-01 10:55:20 +00:00 · 2021-03-20 10:08:12 +01:00 · 2021-03-18 14:59:24 +01:00 · 2021-03-16 19:27:11 +01:00 · 2021-03-16 19:25:24 +01:00 · 2021-03-16 00:00:35 +01:00
20 changed files with 6424 additions and 3715 deletions
--- a/package-lock.json
+++ b/package-lock.json
@@ -15675,9 +15675,9 @@
      "integrity": "sha512-WKrRpCSwL2t3tpOOGhf2WfTpcmbpxaWtDbdJdKdjd0aEiTkvOmS4NBkG6kzlaAHI9AkQ3iVqbFWM3Ei7mZ4o1Q=="
    },
    "preact-render-to-string": {
-      "version": "5.1.7",
-      "resolved": "https://registry.npmjs.org/preact-render-to-string/-/preact-render-to-string-5.1.7.tgz",
-      "integrity": "sha512-3F4qvUsbiS/ZJ0lOHF+I8aye6x63QSXeOjaATJ6KppJsCUJW9adHa7CbBYX7Ib3DlYDp6PFwfefxK72NKys2sA==",
+      "version": "5.1.14",
+      "resolved": "https://registry.npmjs.org/preact-render-to-string/-/preact-render-to-string-5.1.14.tgz",
+      "integrity": "sha512-xG/spHMnDX1cOOetZiFhljtczYUXqBrhuB+C2H+V0y3fJX8TmZtMrC+5di70y0E9fWAWiQIO5VTCpSDLoRmhzg==",
      "requires": {
        "pretty-format": "^3.8.0"
      }
@@ -19624,9 +19624,9 @@
      "integrity": "sha512-fDlsI/kFEx7gLvbecc0/ohLG50fugQp8ryHzMTuW9vSa1GJ0XYWKnhsUx7oie3G98+r56aTQIUB4kht42R3JvA=="
    },
    "xmldom": {
-      "version": "0.3.0",
-      "resolved": "https://registry.npmjs.org/xmldom/-/xmldom-0.3.0.tgz",
-      "integrity": "sha512-z9s6k3wxE+aZHgXYxSTpGDo7BYOUfJsIRyoZiX6HTjwpwfS2wpQBQKa2fD+ShLyPkqDYo5ud7KitmLZ2Cd6r0g==",
+      "version": "0.5.0",
+      "resolved": "https://registry.npmjs.org/xmldom/-/xmldom-0.5.0.tgz",
+      "integrity": "sha512-Foaj5FXVzgn7xFzsKeNIde9g6aFBxTPi37iwsno8QvApmtg7KYrr+OPyRHcJF7dud2a5nGRBXK3n0dL62Gf7PA==",
      "dev": true
    },
    "xpath.js": {
--- a/package.json
+++ b/package.json
@@ -50,7 +50,7 @@
    "oauth": "^0.9.15",
    "pkce-challenge": "^2.1.0",
    "preact": "^10.4.1",
-    "preact-render-to-string": "^5.1.7",
+    "preact-render-to-string": "^5.1.14",
    "querystring": "^0.2.0",
    "require_optional": "^1.0.1",
    "typeorm": "^0.2.30"
--- a/src/client/index.js
+++ b/src/client/index.js
@@ -130,9 +130,9 @@ function _useSessionHook (session) {
        __NEXTAUTH._clientSession = newClientSessionData

        setData(newClientSessionData)
+        setLoading(false)
      } catch (error) {
        logger.error('CLIENT_USE_SESSION_ERROR', error)
-      } finally {
        setLoading(false)
      }
    }
--- a/src/providers/faceit.js
+++ b/src/providers/faceit.js
@@ -0,0 +1,25 @@
+export default (options) => {
+  return {
+    id: 'faceit',
+    name: 'FACEIT',
+    type: 'oauth',
+    version: '2.0',
+    params: { grant_type: 'authorization_code' },
+    headers: {
+      Authorization: `Basic ${Buffer.from(`${options.clientId}:${options.clientSecret}`).toString('base64')}`
+    },
+    accessTokenUrl: 'https://api.faceit.com/auth/v1/oauth/token',
+    authorizationUrl: 'https://accounts.faceit.com/accounts?redirect_popup=true&response_type=code',
+    profileUrl: 'https://api.faceit.com/auth/v1/resources/userinfo',
+    profile (profile) {
+      const { guid: id, nickname: name, email, picture: image } = profile
+      return {
+        id,
+        name,
+        email,
+        image
+      }
+    },
+    ...options
+  }
+}
--- a/src/providers/index.js
+++ b/src/providers/index.js
@@ -12,6 +12,7 @@ import Discord from './discord'
 import Email from './email'
 import EVEOnline from './eveonline'
 import Facebook from './facebook'
+import FACEIT from './faceit'
 import Foursquare from './foursquare'
 import FusionAuth from './fusionauth'
 import GitHub from './github'
@@ -19,6 +20,7 @@ import GitLab from './gitlab'
 import Google from './google'
 import IdentityServer4 from './identity-server4'
 import Instagram from './instagram'
+import Kakao from './kakao'
 import LINE from './line'
 import LinkedIn from './linkedin'
 import MailRu from './mailru'
@@ -35,6 +37,7 @@ import Twitch from './twitch'
 import Twitter from './twitter'
 import VK from './vk'
 import Yandex from './yandex'
+import Zoho from './zoho'

 export default {
  Apple,
@@ -51,6 +54,7 @@ export default {
  Email,
  EVEOnline,
  Facebook,
+  FACEIT,
  Foursquare,
  FusionAuth,
  GitHub,
@@ -58,6 +62,7 @@ export default {
  Google,
  IdentityServer4,
  Instagram,
+  Kakao,
  LINE,
  LinkedIn,
  MailRu,
@@ -73,5 +78,6 @@ export default {
  Twitch,
  Twitter,
  VK,
-  Yandex
+  Yandex,
+  Zoho
 }
--- a/src/providers/kakao.js
+++ b/src/providers/kakao.js
@@ -0,0 +1,21 @@
+export default (options) => {
+  return {
+    id: 'kakao',
+    name: 'Kakao',
+    type: 'oauth',
+    version: '2.0',
+    params: { grant_type: 'authorization_code' },
+    accessTokenUrl: 'https://kauth.kakao.com/oauth/token',
+    authorizationUrl: 'https://kauth.kakao.com/oauth/authorize?response_type=code',
+    profileUrl: 'https://kapi.kakao.com/v2/user/me',
+    profile: (profile) => {
+      return {
+        id: profile.id,
+        name: profile.kakao_account?.profile.nickname,
+        email: profile.kakao_account?.email,
+        image: profile.kakao_account?.profile.profile_image_url
+      }
+    },
+    ...options
+  }
+}
--- a/src/providers/zoho.js
+++ b/src/providers/zoho.js
@@ -0,0 +1,22 @@
+export default (options) => {
+  return {
+    id: 'zoho',
+    name: 'Zoho',
+    type: 'oauth',
+    version: '2.0',
+    scope: 'AaaServer.profile.Read',
+    params: { grant_type: 'authorization_code' },
+    accessTokenUrl: 'https://accounts.zoho.com/oauth/v2/token',
+    authorizationUrl: 'https://accounts.zoho.com/oauth/v2/auth?response_type=code',
+    profileUrl: 'https://accounts.zoho.com/oauth/user/info',
+    profile: (profile) => {
+      return {
+        id: profile.ZUID,
+        name: `${profile.First_Name} ${profile.Last_Name}`,
+        email: profile.Email,
+        image: null
+      }
+    },
+    ...options
+  }
+}
--- a/src/server/index.js
+++ b/src/server/index.js
@@ -225,18 +225,19 @@ async function NextAuthHandler (req, res, userOptions) {
          }
          break
        case '_log':
-          try {
-            if (!userOptions.logger) return
-            const {
-              code = 'CLIENT_ERROR',
-              level = 'error',
-              message = '[]'
-            } = req.body
+          if (userOptions.logger) {
+            try {
+              const {
+                code = 'CLIENT_ERROR',
+                level = 'error',
+                message = '[]'
+              } = req.body

-            logger[level](code, ...JSON.parse(message))
-          } catch (error) {
-            // If logging itself failed...
-            logger.error('LOGGER_ERROR', error)
+              logger[level](code, ...JSON.parse(message))
+            } catch (error) {
+              // If logging itself failed...
+              logger.error('LOGGER_ERROR', error)
+            }
          }
          return res.end()
        default:
--- a/src/server/lib/oauth/client.js
+++ b/src/server/lib/oauth/client.js
@@ -167,9 +167,17 @@ async function getOAuth2AccessToken (code, provider, codeVerifier) {
          raw = querystring.parse(data)
        }

-        const accessToken = provider.id === 'slack'
-          ? raw.authed_user.access_token
-          : raw.access_token
+        let accessToken
+        if (provider.id === 'slack') {
+          const { ok, error } = raw
+          if (!ok) {
+            return reject(error)
+          }
+
+          accessToken = raw.authed_user.access_token
+        } else {
+          accessToken = raw.access_token
+        }

        resolve({
          accessToken,
--- a/src/server/pages/error.js
+++ b/src/server/pages/error.js
@@ -1,6 +1,5 @@
 // @ts-check
 import { h } from 'preact' // eslint-disable-line no-unused-vars
-import render from 'preact-render-to-string'

 /**
 * Renders an error page.
@@ -57,7 +56,7 @@ export default function error ({ baseUrl, basePath, error = 'default', res }) {

  res.status(statusCode)

-  return render(
+  return (
    <div className='error'>
      <h1>{heading}</h1>
      <div className='message'>{message}</div>
--- a/src/server/pages/index.js
+++ b/src/server/pages/index.js
@@ -1,3 +1,4 @@
+import renderToString from 'preact-render-to-string'
 import signin from './signin'
 import signout from './signout'
 import verifyRequest from './verify-request'
@@ -10,7 +11,7 @@ export default function renderPage (req, res) {

  res.setHeader('Content-Type', 'text/html')
  function send ({ html, title }) {
-    res.send(`<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1.0"><style>${css()}</style><title>${title}</title></head><body class="__next-auth-theme-${theme}"><div class="page">${html}</div></body></html>`)
+    res.send(`<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1.0"><style>${css()}</style><title>${title}</title></head><body class="__next-auth-theme-${theme}"><div class="page">${renderToString(html)}</div></body></html>`)
  }

  return {
--- a/src/server/pages/signin.js
+++ b/src/server/pages/signin.js
@@ -1,5 +1,4 @@
 import { h } from 'preact' // eslint-disable-line no-unused-vars
-import render from 'preact-render-to-string'

 export default function signin ({ csrfToken, providers, callbackUrl, email, error: errorType }) {
  // We only want to render providers
@@ -30,7 +29,7 @@ export default function signin ({ csrfToken, providers, callbackUrl, email, erro

  const error = errorType && (errors[errorType] ?? errors.default)

-  return render(
+  return (
    <div className='signin'>
      {error &&
        <div className='error'>
--- a/src/server/pages/signout.js
+++ b/src/server/pages/signout.js
@@ -1,8 +1,7 @@
 import { h } from 'preact' // eslint-disable-line no-unused-vars
-import render from 'preact-render-to-string'

 export default function signout ({ baseUrl, basePath, csrfToken }) {
-  return render(
+  return (
    <div className='signout'>
      <h1>Are you sure you want to sign out?</h1>
      <form action={`${baseUrl}${basePath}/signout`} method='POST'>
--- a/src/server/pages/verify-request.js
+++ b/src/server/pages/verify-request.js
@@ -1,8 +1,7 @@
 import { h } from 'preact' // eslint-disable-line no-unused-vars
-import render from 'preact-render-to-string'

 export default function verifyRequest ({ baseUrl }) {
-  return render(
+  return (
    <div className='verify-request'>
      <h1>Check your email</h1>
      <p>A sign in link has been sent to your email address.</p>
--- a/www/docs/getting-started/rest-api.md
+++ b/www/docs/getting-started/rest-api.md
@@ -35,7 +35,7 @@ The `POST` submission requires CSRF token from `/api/auth/csrf`.

 Returns client-safe session object - or an empty object if there is no session.

-The contents of the session object that is returned is configurable with the session callback.
+The contents of the session object that is returned are configurable with the session callback.

 #### `GET` /api/auth/csrf

@@ -52,7 +52,7 @@ It can be used to dynamically generate custom sign up pages and to check what ca
 ---

 :::note
-The default base path is `/api/auth` but it is configurable by specyfing a custom path in `NEXTAUTH_URL`
+The default base path is `/api/auth` but it is configurable by specifying a custom path in `NEXTAUTH_URL`

 e.g. 

--- a/www/docs/providers/faceit.md
+++ b/www/docs/providers/faceit.md
@@ -0,0 +1,30 @@
+---
+id: faceit
+title: FACEIT
+---
+
+## Documentation
+
+https://cdn.faceit.com/third_party/docs/FACEIT_Connect_3.0.pdf
+
+## Configuration
+
+https://developers.faceit.com/apps
+
+Grant type: `Authorization Code`
+
+Scopes to have basic infos (email, nickname, guid and avatar) : `openid`, `email`, `profile`
+
+## Example
+
+```js
+import Providers from `next-auth/providers`
+...
+providers: [
+  Providers.FACEIT({
+    clientId: process.env.FACEIT_CLIENT_ID,
+    clientSecret: process.env.FACEIT_CLIENT_SECRET
+  })
+]
+...
+```
--- a/www/docs/providers/kakao.md
+++ b/www/docs/providers/kakao.md
@@ -0,0 +1,32 @@
+---
+id: kakao
+title: Kakao
+---
+
+## Documentation
+
+https://developers.kakao.com/product/kakaoLogin
+
+## Configuration
+
+https://developers.kakao.com/docs/latest/en/kakaologin/common
+
+## Example
+
+```js
+import Providers from `next-auth/providers`
+...
+providers: [
+  Providers.Kakao({
+    clientId: process.env.KAKAO_CLIENT_ID,
+    clientSecret: process.env.KAKAO_CLIENT_SECRET
+  })
+]
+...
+```
+
+## Instructions
+
+### Configuration
+
+Create a provider and a Kakao application at `https://developers.kakao.com/console/app`. In the settings of the app under Kakao Login, activate web app, change consent items and configure callback URL.
--- a/www/docs/providers/zoho.md
+++ b/www/docs/providers/zoho.md
@@ -0,0 +1,26 @@
+---
+id: zoho
+title: Zoho
+---
+
+## Documentation
+
+https://www.zoho.com/accounts/protocol/oauth/web-server-applications.html
+
+## Configuration
+
+https://api-console.zoho.com/
+
+## Example
+
+```js
+import Providers from `next-auth/providers`
+...
+providers: [
+  Providers.Zoho({
+    clientId: process.env.ZOHO_CLIENT_ID,
+    clientSecret: process.env.ZOHO_CLIENT_SECRET
+  })
+]
+...
+```
--- a/www/docs/tutorials.md
+++ b/www/docs/tutorials.md
@@ -9,6 +9,14 @@ _These tutorials are contributed by the community and hosted on this site._

 _New submissions and edits are welcome!_

+### [NextJS Authentication Crash Course with NextAuth.js](https://youtu.be/o_wZIVmWteQ)
+
+This tutorial dives in to the ins and outs of NextAuth including email, Github, Twitter and integrating with Auth0 in under hour.
+
+### [Create your own NextAuth.js Login Pages](https://youtu.be/kB6YNYZ63fw)
+
+This tutorial shows you how to jump in and create your own custom login pages versus using the ones provided by NextAuth.js
+
 ### [Refresh Token Rotation](tutorials/refresh-token-rotation)

 How to implement refresh token rotation.
--- a/www/package-lock.json
+++ b/www/package-lock.json
Author	SHA1	Message	Date
Balázs Orbán	985f7b3431	fix(logger): properly end request every time (#1557 ) * fix(logger): properly end request every time * chore: fix linting	2021-03-20 10:08:12 +01:00
Max	237b016378	fix(provider): reject access token if slack login flow was canceled (#1544 ) * fix: reject access token if slack login flow was canceled * style: fix lint errors in oauth client	2021-03-18 14:59:24 +01:00
Joshua Williams	776b9480da	feat(provider): add Zoho provider (#1516 ) * feat(provider): add zoho * fix: use LF instead of CRLF * fix: crlf to lf line endings Co-authored-by: Balázs Orbán <info@balazsorban.com>	2021-03-16 19:27:11 +01:00
Honman Yau	07a3f76cb3	docs: fix typos in REST API guide (#1528 )	2021-03-16 19:25:24 +01:00
tclaude94	3726d68c49	feat(provider): add FACEIT provider (#1469 )	2021-03-16 00:00:35 +01:00
dependabot[bot]	e31db1726a	chore(deps): bump xmldom from 0.3.0 to 0.5.0 (#1510 ) Bumps [xmldom](https://github.com/xmldom/xmldom) from 0.3.0 to 0.5.0. - [Release notes](https://github.com/xmldom/xmldom/releases) - [Changelog](https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md) - [Commits](https://github.com/xmldom/xmldom/compare/0.3.0...0.5.0) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-03-13 14:19:22 +01:00
James Perkins	a241199c11	docs(tutorials): Adding two more tutorials to the list. [skip release]	2021-03-13 03:42:00 +00:00
dependabot[bot]	5385ec20a9	chore(deps): bump elliptic from 6.5.3 to 6.5.4 in /www (#1493 ) Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.3 to 6.5.4. - [Release notes](https://github.com/indutny/elliptic/releases) - [Commits](https://github.com/indutny/elliptic/compare/v6.5.3...v6.5.4) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-03-10 22:59:10 +01:00
Balázs Orbán	810d02e671	fix(deps): upgrade to latest preact-render-to-string (#1475 )	2021-03-08 10:39:13 +01:00
Valentin Hervieu	e5535734f8	fix(client): set useSession loading state correctly (#1468 ) This is fixing #1467. The issue was due to doing the `setLoading(false)` in the finally: as we can do an early return [here](`a7e08e2a32/src/client/index.js (L100-L100)`), we would still go to the finally and mark the session as being loaded. I simply removed the `finally` block to only set the `loading` state to false when: - the data is ready - an error occures	2021-03-07 19:11:32 +01:00
Taehwan Noh	ba7aed1057	feat(provider): add Kakao provider (#1459 )	2021-03-06 21:52:39 +01:00