Upgrade to @auth/core 0.37.3 #119
Conversation
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
| @@ -221,10 +260,6 @@ export async function handleOAuthCallback( | |||
| codeGrantResponse; | |||
| } | |||
|
|
|||
| if (o.parseWwwAuthenticateChallenges(codeGrantResponse)) { | |||
There was a problem hiding this comment.
Does this move somewhere else?
There was a problem hiding this comment.
According to the oauth4webapi 3.0.0 release notes, this function was removed.
removed parseWwwAuthenticateChallenges(), all functions verify process Response now reject with WWWAuthenticateChallengeError instead
| nonce ?? o.expectNoNonce, | ||
| { | ||
| expectedNonce: nonce ?? o.expectNoNonce, | ||
| requireIdToken: true, |
There was a problem hiding this comment.
Do we understand what this does / why it's safe to change here?
There was a problem hiding this comment.
oauth4webapi 3.0.0 changed the API and replaced a couple functions with this one.
processAuthorizationCodeOpenIDResponse() method was removed in favour of processAuthorizationCodeResponse()
processAuthorizationCodeOAuth2Response() method was removed in favour of processAuthorizationCodeResponse()
https://github.com/panva/oauth4webapi/releases/tag/v3.0.0
These extra args passed here are for OIDC - Auth.js does it in a similar way:
| @@ -71,7 +71,7 @@ | |||
| "server-only": "^0.0.1" | |||
| }, | |||
| "peerDependencies": { | |||
| "@auth/core": "^0.36.0", | |||
| "@auth/core": "^0.37.0", | |||
There was a problem hiding this comment.
If we land this, we should also update the docs that tell you to install @auth/[email protected]
There was a problem hiding this comment.
I'm guessing you mean 0.37.0.
There was a problem hiding this comment.
We should update the docs that tell you to install @auth/[email protected] to tell you to install @auth/[email protected]
| @@ -221,10 +260,6 @@ export async function handleOAuthCallback( | |||
| codeGrantResponse; | |||
| } | |||
|
|
|||
| if (o.parseWwwAuthenticateChallenges(codeGrantResponse)) { | |||
There was a problem hiding this comment.
According to the oauth4webapi 3.0.0 release notes, this function was removed.
removed parseWwwAuthenticateChallenges(), all functions verify process Response now reject with WWWAuthenticateChallengeError instead
| nonce ?? o.expectNoNonce, | ||
| { | ||
| expectedNonce: nonce ?? o.expectNoNonce, | ||
| requireIdToken: true, |
There was a problem hiding this comment.
oauth4webapi 3.0.0 changed the API and replaced a couple functions with this one.
processAuthorizationCodeOpenIDResponse() method was removed in favour of processAuthorizationCodeResponse()
processAuthorizationCodeOAuth2Response() method was removed in favour of processAuthorizationCodeResponse()
https://github.com/panva/oauth4webapi/releases/tag/v3.0.0
These extra args passed here are for OIDC - Auth.js does it in a similar way:
| @@ -71,7 +71,7 @@ | |||
| "server-only": "^0.0.1" | |||
| }, | |||
| "peerDependencies": { | |||
| "@auth/core": "^0.36.0", | |||
| "@auth/core": "^0.37.0", | |||
There was a problem hiding this comment.
I'm guessing you mean 0.37.0.
|
Closing this since we went with the approach in #121 instead. |
This is a minimal approach to switching to
@auth/core0.37+. It pulls in a bit more code, but lets us run using the new 3.x version ofoauth4webapias well.The test suites (
test/andtest-nextjs/) succeed. I plan on trying out a few providers manually with this change, but thought I'd put the code up for review in the meantime.By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.