I want to authenticate using NextAuth and IdentityServer4. I have created the following provider:
import NextAuth from "next-auth"
import IdentityServer4Provider from "next-auth/providers/identity-server4";

export default NextAuth({
  // Configure one or more authentication providers
  providers: [
    IdentityServer4Provider({
      id: "identity-server4",
      name: "IdentityServer4",
      issuer: process.env.NEXT_PUBLIC_IDENTITY_SERVER,
      clientId: process.env.CLIENT_ID,
      clientSecret: process.env.CLIENT_SECRET
    })
  ],
  callbacks: {
  },
  secret: process.env.NEXTAUTH_SECRET,
})
The problem I am having is I need to add a grant_type with value client_credentials.
When I look at the code for IdentityServer4 provider in NextAuth, I found this (no grant_type option):
/** @type {import(".").OAuthProvider} */
export default function IdentityServer4(options) {
  return {
    id: "identity-server4",
    name: "IdentityServer4",
    type: "oauth",
    wellKnown: `${options.issuer}/.well-known/openid-configuration`,
    authorization: { params: { scope: "openid profile email" } },
    checks: ["pkce", "state"],
    idToken: true,
    profile(profile) {
      return {
        id: profile.sub,
        name: profile.name,
        email: profile.email,
        image: null,
      }
    },
    options,
  }
}
I have the following POST request, which is working correctly:
How can I add a grant_type to this provider?
CodePudding user response:
As I see it, you are trying to add an external provider to Next-auth. Client Credentials doesn't provide identity. There is no user in this flow, so you can't request OpenID scopes and you can't use it as an external provider flow.
This type of grant is commonly used for server-to-server interactions that must run in the background, without immediate interaction with a user.
Next-auth will redirect the user to the external provider and wait for their interaction, probably a login with Authorization Code flow, until it finishes and returns control to Next-auth.
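The server-to-server use described in the answer above, as an added example that is not part of the original thread or of NextAuth: a token request with grant_type client_credentials sent from server-side code, with the token endpoint read from the same discovery document the provider uses. The function names are hypothetical, and Node 18+ (global fetch) is assumed.

```javascript
// Added example: client_credentials from server-side code, outside NextAuth sign-in.
// Assumptions: Node 18+ (global fetch); function names are hypothetical.
const IDENTITY_SCOPES = new Set(["openid", "profile", "email"]);

function buildTokenRequest({ tokenEndpoint, clientId, clientSecret, scope }) {
  // The client secret travels in this request, so refuse cleartext transport.
  if (new URL(tokenEndpoint).protocol !== "https:") {
    throw new Error("token endpoint must use https");
  }
  const requested = scope.split(/\s+/).filter(Boolean);
  const identity = requested.filter((s) => IDENTITY_SCOPES.has(s));
  if (identity.length > 0) {
    // No user exists in this grant, so identity scopes cannot be satisfied.
    throw new Error(`client_credentials has no user; drop: ${identity.join(" ")}`);
  }
  return {
    url: tokenEndpoint,
    init: {
      method: "POST",
      headers: { "Content-Type": "application/x-www-form-urlencoded" },
      body: new URLSearchParams({
        grant_type: "client_credentials",
        client_id: clientId,
        client_secret: clientSecret,
        scope: requested.join(" "),
      }).toString(),
    },
  };
}

let cached = null; // { token, expiresAt }, held in server memory only

async function getServiceToken(cfg, fetchImpl = fetch, now = Date.now) {
  // Reuse the token until 30 s before expiry.
  if (cached && cached.expiresAt - 30_000 > now()) return cached.token;
  const disco = await fetchImpl(`${cfg.issuer}/.well-known/openid-configuration`);
  if (!disco.ok) throw new Error(`discovery failed: ${disco.status}`);
  const { token_endpoint } = await disco.json();
  const { url, init } = buildTokenRequest({ ...cfg, tokenEndpoint: token_endpoint });
  const res = await fetchImpl(url, init);
  if (!res.ok) throw new Error(`token request failed: ${res.status}`);
  const { access_token, expires_in } = await res.json();
  cached = { token: access_token, expiresAt: now() + expires_in * 1000 };
  return cached.token;
}
```

Call `getServiceToken` from an API route or `getServerSideProps` with `clientSecret: process.env.CLIENT_SECRET`, so the secret is only read in server code and never ships in the browser bundle.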