OIDC Provider questions

Hi everyone!

Trying to do a POC on the oidc provider feature.

I have a next.js application cosplaying the auth server. Relevant code excerpts:

export const auth = betterAuth({
  emailAndPassword: {enabled: true},
  database: new Pool({connectionString: process.env.DATABASE_URL}),
  plugins: [nextCookies(), jwt(), oidcProvider({
    loginPage: '/auth/sign-in',
    consentPage: '/oidc/consent',
    defaultScope: 'openid email',
    allowDynamicClientRegistration: true
  })]
});

export const auth = betterAuth({
  emailAndPassword: {enabled: true},
  database: new Pool({connectionString: process.env.DATABASE_URL}),
  plugins: [nextCookies(), jwt(), oidcProvider({
    loginPage: '/auth/sign-in',
    consentPage: '/oidc/consent',
    defaultScope: 'openid email',
    allowDynamicClientRegistration: true
  })]
});

export const auth = betterAuth({
  emailAndPassword: {enabled: true},
  database: new Pool({connectionString: process.env.DATABASE_URL}),
  plugins: [nextCookies(), jwt(), oidcProvider({
    loginPage: '/auth/sign-in',
    consentPage: '/oidc/consent',
    defaultScope: 'openid email',
    allowDynamicClientRegistration: true
  })]
});

export const auth = betterAuth({
  emailAndPassword: {enabled: true},
  database: new Pool({connectionString: process.env.DATABASE_URL}),
  plugins: [nextCookies(), jwt(), oidcProvider({
    loginPage: '/auth/sign-in',
    consentPage: '/oidc/consent',
    defaultScope: 'openid email',
    allowDynamicClientRegistration: true
  })]
});

I also have an API route

/api/oidc/callback

/api/oidc/callback

/api/oidc/callback

/api/oidc/callback. Previously I registered an OIDC client with

await oauth2.register({
  name: clientName,
  redirectURLs: ['http://localhost:3000/api/oidc/callback']
});

await oauth2.register({
  name: clientName,
  redirectURLs: ['http://localhost:3000/api/oidc/callback']
});

await oauth2.register({
  name: clientName,
  redirectURLs: ['http://localhost:3000/api/oidc/callback']
});

await oauth2.register({
  name: clientName,
  redirectURLs: ['http://localhost:3000/api/oidc/callback']
});

So I start the oidc flow by pasting the following url to the browser

http://localhost:3000/api/auth/oauth2/authorize?response_type=code&client_id=<redacted>&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fapi%2Foidc%2Fcallback

http://localhost:3000/api/auth/oauth2/authorize?response_type=code&client_id=<redacted>&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fapi%2Foidc%2Fcallback

http://localhost:3000/api/auth/oauth2/authorize?response_type=code&client_id=<redacted>&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fapi%2Foidc%2Fcallback

http://localhost:3000/api/auth/oauth2/authorize?response_type=code&client_id=<redacted>&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fapi%2Foidc%2Fcallback

I get redirected, correctly, to the sign-in page

http://localhost:3000/auth/sign-in?response_type=code&client_id=<redacted>&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fapi%2Foidc%2Fcallback

http://localhost:3000/auth/sign-in?response_type=code&client_id=<redacted>&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fapi%2Foidc%2Fcallback

http://localhost:3000/auth/sign-in?response_type=code&client_id=<redacted>&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fapi%2Foidc%2Fcallback

http://localhost:3000/auth/sign-in?response_type=code&client_id=<redacted>&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fapi%2Foidc%2Fcallback

But on the login page after

authClient.signIn.email()

authClient.signIn.email()

authClient.signIn.email()

authClient.signIn.email() I don't get redirected but I get HTTP200 with the user payload.

-Continue in a following comment-

OIDC Provider questions

Similar Threads

Similar Threads

Similar Threads