Supabase•6mo ago•

3 replies

OAuth Authentication: 'code challenge does not match previously saved code verifier' Error

Hello !

What's going wrong:

I consistently get a

'code challenge does not match previously saved code verifier'

'code challenge does not match previously saved code verifier'

→

'bad_code_verifier'

'bad_code_verifier'

error when exchanging the OAuth code for a session. I followed the official Supabase Next.js SSR documentation multiple times.....

- OS: macOS
- Framework: Next.js 15
- Library versions:

@supabase/ssr@0.5.2

@supabase/ssr@0.5.2

@supabase/supabase-js@2.46.1

@supabase/supabase-js@2.46.1

Both createBrowserClient & createServerClient are exactly like the docs said

OAuth initiation:

const result = await authClient.auth.signInWithOAuth({
  provider,
  options: {
    redirectTo: `${window.location.origin}/api/auth/callback`,
    queryParams: {
      access_type: 'offline',
      prompt: 'consent',
    },
  },
})

const result = await authClient.auth.signInWithOAuth({
  provider,
  options: {
    redirectTo: `${window.location.origin}/api/auth/callback`,
    queryParams: {
      access_type: 'offline',
      prompt: 'consent',
    },
  },
})

Callback handler: (/api/auth/callback/route.ts)

let supabaseResponse = NextResponse.redirect(`${origin}${next}`)

const supabase = createServerClient(
  env.NEXT_PUBLIC_SUPABASE_URL,
  env.NEXT_PUBLIC_SUPABASE_ANON_KEY,
  {
    cookies: {
      getAll() {
        return request.cookies.getAll()
      },
      setAll(cookiesToSet) {
        cookiesToSet.forEach(({ name, value }) => {
          request.cookies.set(name, value)
        })
        supabaseResponse = NextResponse.redirect(`${origin}${next}`)
        cookiesToSet.forEach(({ name, value, options }) => {
          supabaseResponse.cookies.set(name, value, options)
        })
      },
    },
  },
)

const { data, error: exchangeError } = await supabase.auth.exchangeCodeForSession(code)

let supabaseResponse = NextResponse.redirect(`${origin}${next}`)

const supabase = createServerClient(
  env.NEXT_PUBLIC_SUPABASE_URL,
  env.NEXT_PUBLIC_SUPABASE_ANON_KEY,
  {
    cookies: {
      getAll() {
        return request.cookies.getAll()
      },
      setAll(cookiesToSet) {
        cookiesToSet.forEach(({ name, value }) => {
          request.cookies.set(name, value)
        })
        supabaseResponse = NextResponse.redirect(`${origin}${next}`)
        cookiesToSet.forEach(({ name, value, options }) => {
          supabaseResponse.cookies.set(name, value, options)
        })
      },
    },
  },
)

const { data, error: exchangeError } = await supabase.auth.exchangeCodeForSession(code)

Additional investigation:

I noticed in

GoTrueClient.ts

GoTrueClient.ts

that the

storageKey

storageKey

appears to be

"sb-127"

"sb-127"

(localhost-related) while the default

STORAGE_KEY

STORAGE_KEY

@supabase/auth-js

@supabase/auth-js

'supabase.auth.token'

'supabase.auth.token'

. I tried manually setting

{auth: {storageKey: 'local'}}

{auth: {storageKey: 'local'}}

, but didn't do anything.

Both browser and server clients use identical environment variables and configuration. I'm unable to debug why the code verifier isn't matching.

Any clue on what I'm missing ?

Supabase•6mo ago•

3 replies

Nerap

OAuth Authentication: 'code challenge does not match previously saved code verifier' Error

Hello !

What's going wrong:

I consistently get a

'code challenge does not match previously saved code verifier'

'code challenge does not match previously saved code verifier'

→

'bad_code_verifier'

'bad_code_verifier'

error when exchanging the OAuth code for a session. I followed the official Supabase Next.js SSR documentation multiple times.....

- OS: macOS
- Framework: Next.js 15
- Library versions:

@supabase/ssr@0.5.2

@supabase/ssr@0.5.2

@supabase/supabase-js@2.46.1

@supabase/supabase-js@2.46.1

Both createBrowserClient & createServerClient are exactly like the docs said

OAuth initiation:

const result = await authClient.auth.signInWithOAuth({
  provider,
  options: {
    redirectTo: `${window.location.origin}/api/auth/callback`,
    queryParams: {
      access_type: 'offline',
      prompt: 'consent',
    },
  },
})

const result = await authClient.auth.signInWithOAuth({
  provider,
  options: {
    redirectTo: `${window.location.origin}/api/auth/callback`,
    queryParams: {
      access_type: 'offline',
      prompt: 'consent',
    },
  },
})

Callback handler: (/api/auth/callback/route.ts)

let supabaseResponse = NextResponse.redirect(`${origin}${next}`)

const supabase = createServerClient(
  env.NEXT_PUBLIC_SUPABASE_URL,
  env.NEXT_PUBLIC_SUPABASE_ANON_KEY,
  {
    cookies: {
      getAll() {
        return request.cookies.getAll()
      },
      setAll(cookiesToSet) {
        cookiesToSet.forEach(({ name, value }) => {
          request.cookies.set(name, value)
        })
        supabaseResponse = NextResponse.redirect(`${origin}${next}`)
        cookiesToSet.forEach(({ name, value, options }) => {
          supabaseResponse.cookies.set(name, value, options)
        })
      },
    },
  },
)

const { data, error: exchangeError } = await supabase.auth.exchangeCodeForSession(code)

let supabaseResponse = NextResponse.redirect(`${origin}${next}`)

const supabase = createServerClient(
  env.NEXT_PUBLIC_SUPABASE_URL,
  env.NEXT_PUBLIC_SUPABASE_ANON_KEY,
  {
    cookies: {
      getAll() {
        return request.cookies.getAll()
      },
      setAll(cookiesToSet) {
        cookiesToSet.forEach(({ name, value }) => {
          request.cookies.set(name, value)
        })
        supabaseResponse = NextResponse.redirect(`${origin}${next}`)
        cookiesToSet.forEach(({ name, value, options }) => {
          supabaseResponse.cookies.set(name, value, options)
        })
      },
    },
  },
)

const { data, error: exchangeError } = await supabase.auth.exchangeCodeForSession(code)

Additional investigation:

I noticed in

GoTrueClient.ts

GoTrueClient.ts

that the

storageKey

storageKey

appears to be

"sb-127"

"sb-127"

(localhost-related) while the default

STORAGE_KEY

STORAGE_KEY

@supabase/auth-js

@supabase/auth-js

'supabase.auth.token'

'supabase.auth.token'

. I tried manually setting

{auth: {storageKey: 'local'}}

{auth: {storageKey: 'local'}}

OAuth Authentication: 'code challenge does not match previously saved code verifier' Error

What's going wrong:

OAuth initiation:

Callback handler: (/api/auth/callback/route.ts)

Additional investigation:

OAuth Authentication: 'code challenge does not match previously saved code verifier' Error

What's going wrong:

OAuth initiation:

Callback handler: (/api/auth/callback/route.ts)

Additional investigation:

Similar Threads

Similar Threads

Similar Threads