update(provider): Update Slack provider to use V2 OAuth endpoints (#895)

* Update Slack to v2 authorize urls, option for additional authorize params * acessTokenGetter + documentation
nextauthjs · Dec 6, 2020 · 9dbd372 · 9dbd372
1 parent dde908b
commit 9dbd372
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 5 deletions.
diff --git a/src/providers/slack.js b/src/providers/slack.js
@@ -4,10 +4,12 @@ export default (options) => {
     name: 'Slack',
     type: 'oauth',
     version: '2.0',
-    scope: 'identity.basic identity.email identity.avatar',
+    scope: [],
     params: { grant_type: 'authorization_code' },
-    accessTokenUrl: 'https://slack.com/api/oauth.access',
-    authorizationUrl: 'https://slack.com/oauth/authorize?response_type=code',
+    accessTokenUrl: 'https://slack.com/api/oauth.v2.access',
+    accessTokenGetter: (json) => json.authed_user.access_token,
+    authorizationUrl: 'https://slack.com/oauth/v2/authorize',
+    additionalAuthorizeParams: { user_scope: 'identity.basic,identity.email,identity.avatar' },
     profileUrl: 'https://slack.com/api/users.identity',
     profile: (profile) => {
       const { user } = profile

diff --git a/src/server/lib/oauth/callback.js b/src/server/lib/oauth/callback.js
@@ -247,7 +247,7 @@ async function _getOAuthAccessToken (code, provider, callback) {
         // Clients of these services suffer a minor performance cost.
         results = querystring.parse(data)
       }
-      const accessToken = results.access_token
+      const accessToken = provider.accessTokenGetter ? provider.accessTokenGetter(results) : results.access_token
       const refreshToken = results.refresh_token
       callback(null, accessToken, refreshToken, results)
     }

diff --git a/src/server/lib/signin/oauth.js b/src/server/lib/signin/oauth.js
@@ -12,7 +12,8 @@ export default (provider, csrfToken, callback, authParams) => {
       redirect_uri: provider.callbackUrl,
       scope: provider.scope,
       // A hash of the NextAuth.js CSRF token is used as the state
-      state: createHash('sha256').update(csrfToken).digest('hex')
+      state: createHash('sha256').update(csrfToken).digest('hex'),
+      ...provider.additionalAuthorizeParams
     })
 
     // If the authorizationUrl specified in the config has query parameters on it

diff --git a/www/docs/configuration/providers.md b/www/docs/configuration/providers.md
@@ -138,6 +138,7 @@ providers: [
 |      scope       |       OAuth access scopes (expects array or string) |    No    |
 |      params      |       Additional authorization URL parameters       |    No    |
 |  accessTokenUrl  |        Endpoint to retrieve an access token         |   Yes    |
+|  accessTokenGetter  |   Default `(json) => json.access_token`          |    No    |
 | requestTokenUrl  |        Endpoint to retrieve a request token         |    No    |
 | authorizationUrl |   Endpoint to request authorization from the user   |   Yes    |
 |    profileUrl    |       Endpoint to retrieve the user's profile       |    No    |