New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: forward auth params from signin to provider #823
feat: forward auth params from signin to provider #823
Conversation
This pull request is being automatically deployed with Vercel (learn more). 🔍 Inspect: https://vercel.com/nextauthjs/next-auth/95h0lbbzs |
This would greatly benefit the situation in which I would like to append form data (along with |
@makezi or @balazsorban44 Did either of you happen to get this option working with Auth0? (in tests or the like?) I'm using the canary and I don't see a difference when passing args in. Adding I'd like to use a more dynamic option like the one this PR adds.. i.e. Support both |
Hi there! I removed this option after #1022 in canary, but if there is still a need for it, maybe I could add it back. Maybe open a feautr request issue on it? |
@balazsorban44 I think there would be a need to accept the args on the I'll plan to PR something in addition since that'll help me describe the interface & useful options for Auth0 specifically 👍 |
@balazsorban44 I know that having @jmfury My case was a bit more complicated hence had to customise the lock sign in page to read some other user registration data from the app client. Either way, with // utils/auth.js
import { signIn } from 'next-auth/client';
function handleSignIn(event, params) {
event.preventDefault();
signIn('auth0', { callbackUrl: '/' }, params);
}
function handleRegister(event, params) {
event.preventDefault();
// This is what we did but in your case you would do { initialScreen: 'signUp', ...params }
signIn('auth0', { callbackUrl: '/' }, { register: true, ...params} );
}
...
<a href="/register" onClick={handleRegister}>Register</button> Hope that helps! I'll upvote that PR 👍! |
@makezi This was hugely helpful.. After digging thru the client code I realized I was wrong about the above (re: server route for The following is a customized version of the original async function signUp(provider, args) {
const csrfToken = await getCsrfToken()
const signInUrl = `${process.env.NEXT_PUBLIC_NEXTAUTH_URL}/api/auth/signin/${provider}`
const fetchOptions = {
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded'
},
body: encodeForm({ // Taken from the `next-auth` helper
csrfToken,
callbackUrl: args?.callbackUrl || process.env.NEXT_PUBLIC_NEXTAUTH_URL,
json: true
})
}
const res = await fetch(signInUrl, fetchOptions)
const data = await res.json()
return (window.location = data?.url ? data.url + `&mode=signUp` : '/my-signin-error-page') // add custom params to signInUrl before navigating, or go to error page if the call fails
} This isn't quite as robust as the Given the above, another option to consider might be some sort of import { getSignInUrl } from 'next-auth/client';
async function handleCustomSignIn() {
const baseSignInUrl = await getSignInUrl('auth0', { callbackUrl: '/' })
return window.location = baseSignInUrl + `&foo=bar` // Consumer chooses what to do with the URL
}
......
<Button type="button" onClick={handleCustomSignIn}>Register</Button> Maybe there's too much overlap with |
So this is available in |
🎉 This PR is included in version 3.2.0 🎉 The release is available on: Your semantic-release bot 📦🚀 |
According to the spec, additional parameters can be sent to the authorization url, please see the spec:
https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest
I would like to send the
prompt: "login"
param, so my users will be forced to log in on the Provider, whenever they click on a button with the handlerNOTE: These params should not be sent in the body as
args
here:next-auth/src/client/index.js
Lines 238 to 251 in 5126f4e
This is why I decided to add a third argument to the
signIn
function instead. This also keeps this change backward compatible.Tested this locally, and it works as intended
This fixes #737, as far as I can tell.