sven09 Comments - Answer Overflow

Topics

sven09

•Created by Christer - Codehagen on 3/30/2025 in #help

Better Auth Microsoft OAuth - email_not_found Error

make sure your token from app registration sends email. for dummy accounts in tests keep in mind they are not full profiles this is your friend:

            mapProfileToUser: async (profile: MicrosoftEntraIDProfile) => {
                console.log(" mapProfileToUser: | profile:", profile);

                return {
                    id: profile.id,
                    email: profile.email || profile.upn, // last part only for dummy accounts
                    name: profile.name,
                    image: profile.picture,
                    emailVerified: profile.email_verified,
                    createdAt: profile.created_at,
                    updatedAt: profile.updated_at,
                };
            },

4 replies

•Created by sven09 on 4/13/2025 in #help

RefressAcceshToken in SocialProvider (Microsoft) and NextJs 15

How can it be configured?

19 replies

•Created by sven09 on 4/13/2025 in #help

RefressAcceshToken in SocialProvider (Microsoft) and NextJs 15

5 hours of research (aka tears): if you put in user.read in the scope the token will be issued for msgraph (The reason your access token’s aud (audience) claim is set to "00000003-0000-0000-c000-000000000000" is because this GUID represents the Microsoft Graph API.) and add your api to the scope api://<your-client-id>/access_as_user now i can get an accesstoken in nextjs for an app registration and call a azure resource with the accesstoken as bearer

19 replies

•Created by sven09 on 4/13/2025 in #help

RefressAcceshToken in SocialProvider (Microsoft) and NextJs 15

make sure that you have offline_access in your token config and scope

19 replies

•Created by sven09 on 4/13/2025 in #help

RefressAcceshToken in SocialProvider (Microsoft) and NextJs 15

19 replies

•Created by sven09 on 4/13/2025 in #help

RefressAcceshToken in SocialProvider (Microsoft) and NextJs 15

i can post here anymore...

19 replies

•Created by sven09 on 4/13/2025 in #help

RefressAcceshToken in SocialProvider (Microsoft) and NextJs 15

in your social provider

19 replies

•Created by sven09 on 4/13/2025 in #help

RefressAcceshToken in SocialProvider (Microsoft) and NextJs 15

export async function getValidAccessToken(userId: string, providerId: string = "microsoft") {
  // Find the account for the user and provider
  const account = await db.account.findFirst({
    where: {
      userId,
      providerId,
    },
  });

  if (!account) {
    throw new Error(`No ${providerId} account found for user ${userId}`);
  }

  // Check if the access token is expired or will expire soon (within 5 minutes)
  const isExpiredOrExpiringSoon = !account.accessTokenExpiresAt || 
    account.accessTokenExpiresAt.getTime() < Date.now() + 5 * 60 * 1000;

  // If the token is expired or will expire soon, refresh it
  if (isExpiredOrExpiringSoon && account.refreshToken) {
    try {
      console.log(`Access token is expired or will expire soon. Refreshing...`);
      
      // Get the provider configuration from auth
      const providerConfig = auth.options.socialProviders?.[providerId];
      
      if (!providerConfig || !providerConfig.refreshAccessToken) {
        throw new Error(`Provider ${providerId} does not support token refreshing`);
      }
      
      // Call the refreshAccessToken function
      const tokens = await providerConfig.refreshAccessToken(account.refreshToken);
      
      // Update the account with the new tokens
      await db.account.update({
        where: { id: account.id },
        data: {
          accessToken: tokens.accessToken,
          refreshToken: tokens.refreshToken,
          accessTokenExpiresAt: tokens.accessTokenExpiresAt,
          refreshTokenExpiresAt: tokens.refreshTokenExpiresAt,
          idToken: tokens.idToken,
        },
      });
      
      console.log(`Access token refreshed successfully. New expiration: ${tokens.accessTokenExpiresAt}`);
      
      return tokens.accessToken;
    } catch (error) {
      console.error("Error refreshing access token:", error);
      throw error;
    }
  }
  
  // Return the current access token if it's still valid
  return account.accessToken;
}

export async function getValidAccessToken(userId: string, providerId: string = "microsoft") {
  // Find the account for the user and provider
  const account = await db.account.findFirst({
    where: {
      userId,
      providerId,
    },
  });

  if (!account) {
    throw new Error(`No ${providerId} account found for user ${userId}`);
  }

  // Check if the access token is expired or will expire soon (within 5 minutes)
  const isExpiredOrExpiringSoon = !account.accessTokenExpiresAt || 
    account.accessTokenExpiresAt.getTime() < Date.now() + 5 * 60 * 1000;

  // If the token is expired or will expire soon, refresh it
  if (isExpiredOrExpiringSoon && account.refreshToken) {
    try {
      console.log(`Access token is expired or will expire soon. Refreshing...`);
      
      // Get the provider configuration from auth
      const providerConfig = auth.options.socialProviders?.[providerId];
      
      if (!providerConfig || !providerConfig.refreshAccessToken) {
        throw new Error(`Provider ${providerId} does not support token refreshing`);
      }
      
      // Call the refreshAccessToken function
      const tokens = await providerConfig.refreshAccessToken(account.refreshToken);
      
      // Update the account with the new tokens
      await db.account.update({
        where: { id: account.id },
        data: {
          accessToken: tokens.accessToken,
          refreshToken: tokens.refreshToken,
          accessTokenExpiresAt: tokens.accessTokenExpiresAt,
          refreshTokenExpiresAt: tokens.refreshTokenExpiresAt,
          idToken: tokens.idToken,
        },
      });
      
      console.log(`Access token refreshed successfully. New expiration: ${tokens.accessTokenExpiresAt}`);
      
      return tokens.accessToken;
    } catch (error) {
      console.error("Error refreshing access token:", error);
      throw error;
    }
  }
  
  // Return the current access token if it's still valid
  return account.accessToken;
}

`

19 replies

•Created by sven09 on 4/13/2025 in #help

RefressAcceshToken in SocialProvider (Microsoft) and NextJs 15

I managed to do this all on nextjs / prisma / hono project. Here are the pieces.

19 replies

•Created by sven09 on 4/13/2025 in #help

RefressAcceshToken in SocialProvider (Microsoft) and NextJs 15

I have solved it and will post it tomorrow as soon as i am back to my Computer

19 replies