New Provider: 'The required "client_id" parameter is missing.' TODO: Handle OAuth 2.0 response body error #10642
Unanswered
MoscoviumAlchemist
asked this question in
Help
Replies: 1 comment
-
I managed to hack together a fix that gets a custom-defined Wordpress provider but it involves modifying core to accept a
let codeGrantResponse;
if (token?.request) {
const _codeGrantResponse = await token.request({ provider, params: query, checks, client }); // pass the rest of context
if (_codeGrantResponse instanceof Object)
codeGrantResponse = _codeGrantResponse;
} else {
codeGrantResponse = await o.authorizationCodeGrantRequest(as, client, codeGrantParams, redirect_uri, codeVerifier ?? "auth" // TODO: review fallback code verifier
);
}
// let codeGrantResponse = await o.authorizationCodeGrantRequest(as, client, codeGrantParams, redirect_uri, codeVerifier ?? "auth" // TODO: review fallback code verifier
// ); Then I've got a custom provider defined like this: export interface WordPressProfile {
login: string;
id: number;
url: string;
type: string;
name: string | null;
email: string | null;
}
export default function WordPress(
config: OAuthUserConfig<WordPressMeResult> & {}
): OAuthConfig<WordPressMeResult> {
return {
id: "wordpress",
name: "WordPress",
type: "oauth",
clientId: process.env.AUTH_WORDPRESS_ID,
clientSecret: process.env.AUTH_WORDPRESS_SECRET,
authorization: {
url: "https://public-api.wordpress.com/oauth2/authorize",
params: { scope: "global", response_type: "code" },
},
token: {
url: `https://public-api.wordpress.com/oauth2/token`,
params: {
client_id: String(process.env.AUTH_WORDPRESS_ID),
redirect_uri: "https://localhost:3000/connect/callback/wordpress",
client_secret: String(process.env.AUTH_WORDPRESS_SECRET),
grant_type: "authorization_code",
},
// fixes {"error":"invalid_client","error_description":"The required \"client_id\" parameter is missing."}
async request(context) {
const data = new URLSearchParams(); //new FormData();
data.append("client_id", String(process.env.AUTH_WORDPRESS_ID));
data.append("redirect_uri", context.provider.callbackUrl);
data.append("client_secret", String(process.env.AUTH_WORDPRESS_SECRET));
data.append("code", context.params.code);
data.append("grant_type", "authorization_code");
data.append("code_verifier", context.checks.code_verifier);
const response = await fetch(
"https://public-api.wordpress.com/oauth2/token",
{
method: "POST",
headers: {
"Content-Type": "application/x-www-form-urlencoded",
},
body: data,
}
);
if (!response.ok) {
console.log(response);
const result = await response.json();
throw new Error(JSON.stringify(result));
}
return response;
},
} as TokenEndpointHandler,
userinfo: {
url: `https://public-api.wordpress.com/rest/v1/me`,
},
profile(profile) {
return {
id: String(profile.ID),
name: profile.display_name,
email: profile.email,
image: profile.avatar_URL,
};
},
style: { bg: "#24292f", text: "#fff", logo: "" },
options: config,
};
} But I'd rather not monkey patch core just to add a request override. But I can't figure out why exactly it's failing within core, can anyone spot the difference? Is it something to do with the way the parameters are form encoded? Surely there's a better way! |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I'm trying to set up a WordPress provider with
"@auth/core": "^0.29.0",
"next-auth": "^5.0.0-beta.16",
(the default WordPress provider throws similar errors). Can anyone advise how to get this working? Is the problem that the WordPress response body is empty because something is missing in thetoken
request? How can I modify that request with v5? All the examples I have found are for version 4.When I authorize the app and I'm redirected back to the callback url I get the following errors in the terminal:
Beta Was this translation helpful? Give feedback.
All reactions