Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

httpOptions missing on OAuth config in experimental version #8491

Open
patrickpilch opened this issue Sep 4, 2023 · 7 comments
Open

httpOptions missing on OAuth config in experimental version #8491

patrickpilch opened this issue Sep 4, 2023 · 7 comments
Labels
core Refers to `@auth/core` enhancement New feature or request

Comments

@patrickpilch
Copy link

Description 📓

We have been using the httpOptions parameter in next-auth's 4.x OAuthConfig to set a header we require for our IDP.

I noticed this is missing in @auth/core's OAuth2Config, and unfortunately will be a blocker/headache for us to upgrade.

It seems the 'oauth4webapi' library supports additional headers.

How to reproduce ☕️

N/A

Contributing 🙌🏽

Yes, I am willing to help implement this feature in a PR
@patrickpilch patrickpilch added enhancement New feature or request triage Unseen or unconfirmed by a maintainer yet. Provide extra information in the meantime. labels Sep 4, 2023
@balazsorban44
Copy link
Member

balazsorban44 commented Sep 4, 2023
edited

Can you add a more concrete example? N/A is not a valid reproduction. 🤷‍♂️ Even if it's a feature request, it would be good to understand the reason.

@balazsorban44 balazsorban44 added incomplete Insufficient reproduction. Without more info, we won't take further actions/provide help. and removed incomplete Insufficient reproduction. Without more info, we won't take further actions/provide help. labels Sep 4, 2023
@github-actions github-actions bot added the incomplete Insufficient reproduction. Without more info, we won't take further actions/provide help. label Sep 4, 2023
@nextauthjs nextauthjs deleted a comment from github-actions bot Sep 4, 2023
@patrickpilch
Copy link
Author

Usage on 4.x

Keycloak({ 
  // ...
  httpOptions: {
    headers: {
      'some-header-name': 'some-header-value'
    }
  }
}),

Usage on 5.x
Not possible. The config type is missing the httpOptions parameter, or something similar.

As for the reasoning and use-case: there could be all sorts. One concrete example for custom header support would be if the authorization server is behind a security proxy and requires a service token or other authorization header(s). Of course there are other ways of addressing this scenario with varying levels of complexity, but using headers was a very simple & effective way to get going. Let me know if there's anything else I can provide.

@balazsorban44 balazsorban44 removed the incomplete Insufficient reproduction. Without more info, we won't take further actions/provide help. label Sep 5, 2023
@mikekellyio
Copy link

This is a blocker for my app and v5 as well. Another use case, setting a custom agent in httpOptions

httpOptions: {
  agent: new https.Agent({
    cert: /* cert */,
    key: /* key */
  })
}

@PaulWild
Copy link

This will be a blocker for us as well unfortunately from upgrading - our use case is similar in that we require additional httpHeaders on the requests made to our OAuth provider

@balazsorban44 balazsorban44 removed the triage Unseen or unconfirmed by a maintainer yet. Provide extra information in the meantime. label Jan 23, 2024
@balazsorban44 balazsorban44 mentioned this issue Jan 23, 2024
Closed
3 tasks
@balazsorban44
Copy link
Member

oauth4webapi recently added https://github.com/panva/oauth4webapi/blob/main/docs/variables/experimental_customFetch.md which might be useful, we will revisit!

@balazsorban44 balazsorban44 added the core Refers to `@auth/core` label Jan 23, 2024
@bujikun
Copy link

bujikun commented Feb 1, 2024

I am facing this similar issue. I can not extend the timeout during debugging.
I had this in v4, after upgrading to v5, i can no longer do the same.
httpOptions: { timeout:15000 },

Can we please have this back? Or another way of doing this?

@leog
Copy link

leog commented Mar 3, 2024

same as @bujikun, missing the timeoutoption

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
core Refers to `@auth/core` enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@mikekellyio @leog @patrickpilch @PaulWild @bujikun @balazsorban44