Hebilicious / authjs-nuxt

AuthJS edge-compatible authentication Nuxt module.
https://authjs-nuxt.pages.dev/
MIT License

AzureAd routes returning empty response #88

Closed JaeTLDR closed 1 year ago

JaeTLDR commented 1 year ago

Environment

node : v18.15.0

{
  "name": "nuxt-app",
  "private": true,
  "scripts": {
    "build": "nuxt build",
    "dev": "nuxt dev --https --ssl-cert cert.pem --ssl-key key.pem",
    "generate": "nuxt generate",
    "preview": "nuxt preview",
    "postinstall": "nuxt prepare"
  },
  "devDependencies": {
    "@nuxt/devtools": "latest",
    "nuxt": "^3.7.0",
    "nuxt-security": "^0.14.4"
  },
  "dependencies": {
    "@auth/core": "^0.10.4",
    "@hebilicious/authjs-nuxt": "^0.3.0-beta.2",
    "@pinia/nuxt": "^0.4.11",
    "h3": "^1.8.1", //< added manually to better match your example in getting started.
    "next-auth": "^4.23.1",
    "sass": "^1.66.1"
  }
}

Reproduction

Basically the same as the getting-started. Repo link can be provided as needed.

Describe the bug

I created a brand new Nuxt project with minimal changes, attempted to use sidewinder but faced multiple issues, and moved to this repo. I got the basics working; however, using the example in 'getting started', the JS login button gets to the code endpoint and I get the 'localhost didn't send any data' error. The 'Native Link Sign in' worked; however, clicking the Azuread button on that page also errors with no content.

Additional context

I am moving an existing Vue 3 SPA app to Nuxt but require auth to work first, hence the relatively empty repo.

Logs

No response

Hebilicious commented 1 year ago

Could you provide your nuxt.config or a reproduction please?

JaeTLDR commented 1 year ago

clientID, secret and tenant are set but not moved to ENV file yet, hence the removal.

import { resolve } from "node:path"
// https://nuxt.com/docs/api/configuration/nuxt-config
export default defineNuxtConfig({
  devtools: { enabled: true },
  modules: [
    // "nuxt-security",
    "@hebilicious/authjs-nuxt"
  ],
  authJs: {
    baseUrl: "https://localhost:8080",
    guestRedirectTo: "/",
    authenticatedRedirectTo: "/",
    verifyClientOnEveryRequest: true
  },
  alias: {
    cookie: resolve(__dirname, "node_modules/cookie"),
    core: resolve(__dirname, "@auth/core")
  },
  runtimeConfig: {
    auth: {
      clientId: "",
      clientSecret: "",
      tenantId: "",
    },
    public: {
      authJs: {
        baseUrl: "https://localhost:8080",
        verifyClientOnEveryRequest: true 
      }
    }
  },
  devServer: {
    port: 8080,
    https: {
      key: './key.pem',
      cert: './cert.pem',
    }
  },
})

Hebilicious commented 1 year ago

@JaeTLDR I'm assuming this is auth.js related, but I can't tell you more without a reproduction. If you can use the module with another provider such as google or github, but not AD, then it's best to look at auth.js issues directly.

JaeTLDR commented 1 year ago

Unfortunately I cannot use any other providers as this is for a work project.

I have built a new next app with my personal Azure and a Google auth and all is working well. I do believe this is upstream as the only difference in Azure AD configuration is the allowed login (my app only worked with All accounts option, not my tenant only). I will create a new issue on Auth.js repo.

JaeTLDR commented 1 year ago

Hi Hebilicious,

nextauth haven't responded at all, but I think I have found the issue and hopefully you may have an answer for me. It appears the redirect URL is being generated with http even though I'm using https for all the front end (due to other issues occurring..). I had a look through the next auth issues and have tried setting the following, but it's not working. Do you have any ideas?

NUXT_AUTH_AUTHJS_BASEURL=https://localhost:8080
NODE_TLS_REJECT_UNAUTHORIZED=0
NUXT_TLS_REJECT_UNAUTHORIZED=0
AUTH_TRUST_HOST=1
NEXTAUTH_URL=https://localhost:8080

JaeTLDR commented 1 year ago

Fixed the issue. I went back to HTTP for local development, then added the logger module to my AuthConfig, which pointed me to my app registration being for SPA client apps, not a Web app. After fixing these I have successfully got it working.

It may be worth adding the logger to your documentation. I used

logger: {
    error(code, metadata) {
        console.log(code, metadata) // log.error(code, metadata)
    },
    warn(code) {
        console.log(code) // log.warn(code); warn receives no metadata argument
    },
    debug(code, metadata) {
        console.log(code, metadata) // log.debug(code, metadata)
    }
}

Feel free to close this issue, thanks.
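
An added example, not code from the thread or from the authjs-nuxt project: the logger above prints `metadata` unfiltered, and that payload may include provider settings, cookies or authorization codes. This wrapper keeps the same three hooks but masks those fields while leaving `redirect_uri` readable, so an http/https mismatch like the one described in this thread stays visible. The `SENSITIVE` key pattern, `makeLogger` and the sample payload are assumptions made for illustration.

```javascript
// Added example, not from the thread. The key pattern below is an assumption.
const SENSITIVE = /secret|token|password|authorization|cookie|verifier|^code$/i;
const MASK = "REDACTED";

// Mask sensitive query parameters in http(s) URL strings; leave other text alone
function redactUrl(text) {
  if (!/^https?:\/\//i.test(text)) return text;
  let url;
  try { url = new URL(text); } catch { return text; }
  for (const name of new Set(url.searchParams.keys())) {
    if (SENSITIVE.test(name)) url.searchParams.set(name, MASK);
  }
  return url.toString();
}

// Deep-copy a value, masking any property whose key looks sensitive
function redact(value, seen = new WeakSet()) {
  if (value instanceof Error) return { name: value.name, message: value.message };
  if (typeof value === "string") return redactUrl(value);
  if (value === null || typeof value !== "object") return value;
  if (seen.has(value)) return "[repeated reference]";
  seen.add(value);
  if (Array.isArray(value)) return value.map((v) => redact(v, seen));
  const out = {};
  for (const [key, v] of Object.entries(value)) {
    out[key] = SENSITIVE.test(key) ? MASK : redact(v, seen);
  }
  return out;
}

// Logger with the same three hooks as the post; `sink` defaults to console
function makeLogger(sink = console) {
  return {
    error: (code, metadata) => sink.error("[auth][error]", redact(code), redact(metadata)),
    warn: (code) => sink.warn("[auth][warn]", code),
    debug: (code, metadata) => sink.debug("[auth][debug]", redact(code), redact(metadata)),
  };
}

// Constructed sample shaped like a debug payload (not captured from a real run)
const sample = {
  url: "https://login.example.test/authorize?client_id=abc&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fcallback",
  callbackUrl: "http://localhost:8080/callback?code=constructed-code&state=xyz",
  provider: { id: "azure-ad", clientId: "abc", clientSecret: "constructed-secret" },
  cookies: [{ name: "pkce.code_verifier", value: "constructed" }],
};
makeLogger().debug("SAMPLE", sample);
```

Pass `makeLogger()` as the `logger` value in the auth config in place of the raw `console.log` hooks.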

Hebilicious commented 1 year ago

Glad this works for you now.