next-auth
next-auth copied to clipboard
nextauthjs
Add error for oauth denial
☕️ Reasoning
Adds another error type to oauth2 abortion. When an oauth2 request is actively cancelled by the user, this error type will be used.
With that, it is possible to identify an cancellation as intended and react properly. This is useful if you have for example only one provider and redirect on /api/auth/signin directly to this provider. That would currently end in an infintie loop, which
can be avoid by checking if the user canceled the request intentionally.
🧢 Checklist
- [x] Documentation
- [x] Tests
- [x] Ready to be merged
🎫 Affected issues
Fixes: https://github.com/nextauthjs/next-auth/discussions/3682
📌 Resources
- Contributing guidelines
- Code of conduct
- Contributing to Open Source
The latest updates on your projects. Learn more about Vercel for Git ↗︎
| Name | Status | Preview | Updated |
|---|---|---|---|
| next-auth | ✅ Ready (Inspect) | Visit Preview | Aug 15, 2022 at 3:48PM (UTC) |
![vercel[bot] avatar](https://avatars.githubusercontent.com/in/8329?v=4 "Published by a pub.dev verified publisher"){kind=small}
Hey,
I wasn't quite sure, if this update is what you meant. I added the other oauth2 error responses and tried to sort them by "fault" (developer, user, etc.).
Depending on the fault, the user sees a different message and the error is logged.
Furthermore, I tried to add a bit more documentation, however I don't know if that's what you meant.
Good/bad news, this will be handled in the new @auth/core package: https://github.com/nextauthjs/next-auth/blob/2cbf81544523044596125d2c87175ee4ec61df06/packages/core/src/lib/oauth/callback.ts#L80C7-L87, but not planning to backport it for next-auth at the moment. Thanks for the PR anyway!
