feat: forward auth params from signin to provider (#823)

nextauthjs · Dec 5, 2020 · 545a7e7 · 545a7e7 · vercel · Dec 5, 2020
1 parent c564b84
commit 545a7e7
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 4 deletions.
diff --git a/src/client/index.js b/src/client/index.js
@@ -222,7 +222,7 @@ const _useSessionHook = (session) => {
 }
 
 // Client side method
-const signIn = async (provider, args = {}) => {
+const signIn = async (provider, args = {}, authParams = {}) => {
   const baseUrl = _apiBaseUrl()
   const callbackUrl = (args && args.callbackUrl) ? args.callbackUrl : window.location
   const providers = await getProviders()
@@ -232,9 +232,14 @@ const signIn = async (provider, args = {}) => {
     // If Provider not recognized, redirect to sign in page
     window.location = `${baseUrl}/signin?callbackUrl=${encodeURIComponent(callbackUrl)}`
   } else {
-    const signInUrl = (providers[provider].type === 'credentials')
+    let signInUrl = (providers[provider].type === 'credentials')
       ? `${baseUrl}/callback/${provider}`
       : `${baseUrl}/signin/${provider}`
+
+    if (authParams) {
+      signInUrl += `?${new URLSearchParams(authParams).toString()}`
+    }
+
     // If is any other provider type, POST to provider URL with CSRF Token,
     // callback URL and any other parameters supplied.
     const fetchOptions = {

diff --git a/src/server/lib/signin/oauth.js b/src/server/lib/signin/oauth.js
@@ -2,12 +2,13 @@ import oAuthClient from '../oauth/client'
 import { createHash } from 'crypto'
 import logger from '../../../lib/logger'
 
-export default (provider, csrfToken, callback) => {
+export default (provider, csrfToken, callback, authParams) => {
   const { callbackUrl } = provider
   const client = oAuthClient(provider)
   if (provider.version && provider.version.startsWith('2.')) {
     // Handle oAuth v2.x
     let url = client.getAuthorizeUrl({
+      ...authParams,
       redirect_uri: provider.callbackUrl,
       scope: provider.scope,
       // A hash of the NextAuth.js CSRF token is used as the state

diff --git a/src/server/routes/signin.js b/src/server/routes/signin.js
@@ -23,14 +23,17 @@ export default async (req, res, options, done) => {
   }
 
   if (type === 'oauth' && req.method === 'POST') {
+    const authParams = { ...req.query }
+    delete authParams.nextauth // This is probably not intended to be sent to the provider, remove
+
     oAuthSignin(provider, csrfToken, (error, oAuthSigninUrl) => {
       if (error) {
         logger.error('SIGNIN_OAUTH_ERROR', error)
         return redirect(`${baseUrl}${basePath}/error?error=OAuthSignin`)
       }
 
       return redirect(oAuthSigninUrl)
-    })
+    }, authParams)
   } else if (type === 'email' && req.method === 'POST') {
     if (!adapter) {
       logger.error('EMAIL_REQUIRES_ADAPTER_ERROR')