bug: OAuthCallbackError: OAuth Provider returned an error

Question

bug: OAuthCallbackError: OAuth Provider returned an error

trevorpfiz opened this issue 4 months ago · comments

Trevor Pfizenmaier commented 4 months ago

Provide environment information

System:
OS: Linux 5.15 Ubuntu 20.04.6 LTS (Focal Fossa)
CPU: (16) x64 AMD Ryzen 7 3700X 8-Core Processor
Memory: 5.78 GB / 9.72 GB
Container: Yes
Shell: 5.8 - /usr/bin/zsh
Binaries:
Node: 20.11.0 - ~/.nvm/versions/node/v20.11.0/bin/node
npm: 10.2.4 - ~/.nvm/versions/node/v20.11.0/bin/npm
pnpm: 9.0.0-alpha.1 - ~/.local/share/pnpm/pnpm
bun: 1.0.14 - ~/.local/share/pnpm/bun
Watchman: 2024.01.22.00 - /home/linuxbrew/.linuxbrew/bin/watchman

Describe the bug

nextauthjs/next-auth#9966

Link to reproduction

https://github.com/t3-oss/create-t3-turbo

To reproduce

click 'Sign in with Discord'. click the cancel button on the Discord signin page. see error.

Additional information

it should send back to something like https://turbo.t3.gg/api/auth/signin?error=OAuthCallbackError? instead it is this http://localhost:3000/api/auth/callback/discord?error=access_denied&error_description=The+resource+owner+or+authorization+server+denied+the+request

Julius Marminge · Answer 1 · Fri Feb 09 2024 03:00:01 GMT+0800 (China Standard Time)

Make sure you're on beta.9, then remove the AUTH_URL env var, it is not needed and causes some issues still...

Trevor Pfizenmaier · Answer 2 · Fri Feb 09 2024 03:35:04 GMT+0800 (China Standard Time)

Make sure you're on beta.9, then remove the AUTH_URL env var, it is not needed and causes some issues still...

yep I did. still getting the error. only get this error in development it seems.

Julius Marminge · Answer 3 · Fri Feb 09 2024 05:07:58 GMT+0800 (China Standard Time)

gonna need a different reproduction then since https://turbo.t3.gg works and signs you in properly..

Trevor Pfizenmaier · Answer 4 · Fri Feb 09 2024 05:30:00 GMT+0800 (China Standard Time)

gonna need a different reproduction then since https://turbo.t3.gg works and signs you in properly..

right. works in production, but not in development for me. didn't realize when I first made the issue. sorry about that.

Julius Marminge · Answer 5 · Fri Feb 09 2024 05:35:50 GMT+0800 (China Standard Time)

still gonna need some more info cause repo works fine for me. what envs do you have (obv don't give me secrets), can you verify the version is beta.9 in pnpm-lock? cleared node_modules etc (run pnpn clean:workspaces)?

DB_HOST='aws.connect.psdb.cloud'
DB_NAME='personal'
DB_USERNAME=''
DB_PASSWORD='pscale_pw_'

AUTH_SECRET=""
AUTH_DISCORD_ID=""
AUTH_DISCORD_SECRET=""

CleanShot.2024-02-08.at.22.32.41.mp4

Julius Marminge · Answer 6 · Fri Feb 09 2024 05:41:38 GMT+0800 (China Standard Time)

also remove the proxy url if you have that set. not sure why that was in the example env in the first place as it's strictly to get preview envs working and not needed in dev 😅

Trevor Pfizenmaier · Answer 7 · Fri Feb 09 2024 06:23:44 GMT+0800 (China Standard Time)

On the Discord page does it error when you click the cancel button instead of authorize? login works, but the cancel errors on development for me. I already removed the proxy secret.

Trevor Pfizenmaier · Answer 8 · Fri Feb 09 2024 11:28:14 GMT+0800 (China Standard Time)

https://www.loom.com/share/7d8d95668bc8422b99c9f28b45197ec2?sid=f68db43b-4004-45d3-83b0-0b3cc403ab1b

fresh install with these envs. I should have done a video from the start like you did.

# The database URL is used to connect to your PlanetScale database.
DB_HOST='aws.connect.psdb.cloud'
DB_NAME='create-t3-turbo'
DB_USERNAME=''
DB_PASSWORD='pscale_pw_'

AUTH_SECRET=''
AUTH_DISCORD_ID=''
AUTH_DISCORD_SECRET=''

Trevor Pfizenmaier · Answer 9 · Sat Feb 10 2024 02:02:25 GMT+0800 (China Standard Time)

export const runtime = "edge" in [...nextauth]/route.ts is causing this error

Julius Marminge · Answer 10 · Sat Feb 10 2024 02:31:36 GMT+0800 (China Standard Time)

Cant see how that's related to the update. What database do you use? Planetscale is edge compat so it's only if you've changed the db provider

Trevor Pfizenmaier · Answer 11 · Sun Feb 11 2024 01:05:59 GMT+0800 (China Standard Time)

I am using Planetscale. Same error here nextauthjs/next-auth#9869

Julius Marminge · Answer 12 · Sun Feb 11 2024 01:14:07 GMT+0800 (China Standard Time)

Are you returning false in your signin? Then we can close this issue as the template doesnt do that and the issue is tracked upstream.

Trevor Pfizenmaier · Answer 13 · Sun Feb 11 2024 02:10:50 GMT+0800 (China Standard Time)

Are you returning false in your signin? Then we can close this issue as the template doesnt do that and the issue is tracked upstream.

I haven't changed any code other than adding my env vars. All I know is when I cancel the Discord sign-in flow in development, with edge set, I get the error with a fresh clone of this template.

Julius Marminge · Answer 14 · Sun Feb 11 2024 02:15:05 GMT+0800 (China Standard Time)

I see - let's keep it open then until it's fixed upstream (probably beta.10). I dont think there's anything wrong with our code here though

Yiannis Panagidis · Answer 15 · Sun Feb 11 2024 04:27:53 GMT+0800 (China Standard Time)

I should also mention that my issue (nextauthjs/next-auth#9869) originated with t3 turbo but i reproduce it with a normal next app. Basically any time the auth flow is not successful for any reason on the edge runtime it throws a type error that I cannot catch/handle no matter what I try. Same behaviour but not on edge just redirects to the default error page of next auth or you cant catch/handle normally. Nothing much to do with t3 turbo.

Adam · Answer 16 · Fri Mar 15 2024 23:56:16 GMT+0800 (China Standard Time)

Related but different - why is AUTH_URL no longer needed? Is that specific to this deployment pattern or the underlying libraries? For context, I'm deploying through a docker container (GCP Cloud Run) + while my redirect_uri is properly set, I get routed to https://0.0.0.0:3000/api/auth/error?error=CallbackRouteError after I sign in with the provider (Google, in my case).

Any thoughts?