oauth-2.0 - 将 NextAuth 与 oauth_get_access_token_error 和 oauth_callback_error 一起使用时的登录回调错误

Question

我正在尝试将自定义 oauth 提供程序添加到我的 next.js 应用程序中。我正在添加自定义提供程序[...nextauth].js：

export default NextAuth({
  // Configure one or more authentication providers
  providers: [
  {
    id: "moneybutton",
    name: "Money Button",
    type: "oauth",
    version: "2.0",
    scope: "auth.user_identity:read users.profiles:read users.profiles.email:read users.balance:read",
    params: {
      grant_type: "authorization_code"
    },
    accessTokenUrl: "https://www.moneybutton.com/oauth/v1/token",
    requestTokenUrl: "https://www.moneybutton.com/oauth/v1/token",
    authorizationUrl: "https://www.moneybutton.com/oauth/v1/authorize?response_type=code",
    profileUrl: "https://www.moneybutton.com/api/v1/auth/user_identity",

    profile(profile) {
      return {
        id: profile.data.attributes.id,
        name: profile.data.attributes.name,
      };
    },
    clientId: 'my_oauth_identifier',
    clientSecret: 'my_client_secret'
  }
    // ...add more providers here
  ],

  debug: true
});

OAuth 流程似乎工作正常，因为我看到我的个人资料 ID 在响应中返回，但它在http://localhost:3000/api/auth/signin?error=Callback

我将调试设置为 true，但出现以下错误：

[next-auth][error][oauth_get_access_token_error]
https://next-auth.js.org/errors#oauth_get_access_token_error {
  statusCode: 400,
  data: '{"errors":[{"id":"6da534f0-a512-11eb-92e8-891975d02f44","status":400,"title":"Bad Request","detail":"Invalid client: client is invalid"}],"jsonapi":{"version":"1.0"}}'
} undefined undefined
[next-auth][error][oauth_get_access_token_error]
https://next-auth.js.org/errors#oauth_get_access_token_error {
  statusCode: 400,
  data: '{"errors":[{"id":"6da534f0-a512-11eb-92e8-891975d02f44","status":400,"title":"Bad Request","detail":"Invalid client: client is invalid"}],"jsonapi":{"version":"1.0"}}'
} moneybutton 9f3970b8ae39f9d46f9fae56f6fb6135ecb7e87b
[next-auth][error][oauth_callback_error]
https://next-auth.js.org/errors#oauth_callback_error {
  statusCode: 400,
  data: '{"errors":[{"id":"6da534f0-a512-11eb-92e8-891975d02f44","status":400,"title":"Bad Request","detail":"Invalid client: client is invalid"}],"jsonapi":{"version":"1.0"}}'

它说客户端无效，但我确信 oauth 标识符和秘密是正确的，并且重定向 URL 设置为http://localhost:3000/api/auth/callback/moneybutton.

如果有帮助，配置文件的响应如下所示：

{
    "data": {
        "id": "75101",
        "type": "user_identities",
        "attributes": {
            "id": "75101",
            "name": "John Doe"
        }
    },
    "jsonapi": {
        "version": "1.0"
    }
}

文档链接：

• https://next-auth.js.org/configuration/providers
• https://docs.moneybutton.com/docs/api/v1/api-v1-user-identity

我不知道这是否是一些错误或我的方法是错误的，并且会感谢任何帮助