Closed arx111 closed 2 years ago
So it looks like the failed POST request you've provided is being sent to `mycompany.my.salesforce.com/services/oauth2/token`, right? Or is that just copy and pasted from the docs?
Anyway, the working custom request is being sent to `test.salesforce.com/services/oauth2/token`.
Our salesforce provider by default has the token url defined as `login.salesforce.com/services/oauth2/token`. In fact, all defined URLs for this provider are hardcoded to `login.salesforce.com` as the primary host.
It seems that the salesforce provider could use a small refactor to add an additional option to customise the host (or maybe just the subdomain?) of the configured URLs, in order to support this "MyDomain" feature.
For the record, I had some troubles making the Salesforce provider work. At the end, this did it:
```js
SalesforceProvider({
  idToken: true,
  wellKnown: `https://${process.env.SF_DOMAIN}.my.salesforce.com/.well-known/openid-configuration`,
  clientId: process.env.SF_CLIENT_ID,
  clientSecret: process.env.SF_CLIENT_SECRET,
  authorization: { params: { scope: 'openid api refresh_token' } },
  userinfo: {
    async request({ provider, tokens, client }) {
      return await client.userinfo(tokens, {
        params: provider.userinfo?.params,
      });
    },
  },
  profile(profile) {
    return { id: profile.email, ...profile };
  },
}),
```
Yeah it looks like there is an additional feature for salesforce OAuth which allows users to use their own domain, like the `SF_DOMAIN` override you've shown in your example code here ^^.
We'd need someone to refactor the existing Salesforce Provider a bit to add this functionality. I'll keep this issue open for now then :+1:
This should be easy to fix, we just have to make the `issuer` configurable in: https://github.com/nextauthjs/next-auth/blob/main/packages/next-auth/src/providers/salesforce.js
I.e: `https://login.salesforce.com` should come from `options.issuer` but still default to `https://login.salesforce.com`.
Feel free to open a PR!
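A sketch of the configurable issuer suggested above, as an added example that is not next-auth's own code. The names `salesforceEndpoints`, `DEFAULT_ISSUER` and `ALLOWED_HOST` are hypothetical, and the host allowlist is an assumption added here: the token request carries the client secret, so the issuer is restricted to HTTPS Salesforce hosts (`login`, `test`, or a My Domain `*.my.salesforce.com`).

```javascript
// Added example, not next-auth's code. All names here are hypothetical.
const DEFAULT_ISSUER = "https://login.salesforce.com";

// Assumption: only these Salesforce hosts may receive the client secret.
// Matches login, test, and My Domain hosts such as
// mycompany.my.salesforce.com or mycompany--uat.sandbox.my.salesforce.com.
const ALLOWED_HOST =
  /^(login|test|[a-z0-9-]+(\.[a-z0-9-]+)*\.my)\.salesforce\.com$/;

function salesforceEndpoints(options = {}) {
  // Fall back to the production login host when no issuer is supplied.
  const url = new URL(options.issuer ?? DEFAULT_ISSUER);

  if (url.protocol !== "https:") {
    throw new Error("issuer must use https");
  }
  // Reject userinfo tricks (https://login.salesforce.com@other.example)
  // and non-default ports.
  if (url.username || url.password || url.port) {
    throw new Error("issuer must be a bare https origin");
  }
  // URL lowercases the hostname, so the pattern only needs lowercase.
  if (!ALLOWED_HOST.test(url.hostname)) {
    throw new Error(`issuer host not allowed: ${url.hostname}`);
  }
  // The issuer is an origin; a path, query or fragment is a config error.
  if (url.pathname !== "/" || url.search || url.hash) {
    throw new Error("issuer must not contain a path, query or fragment");
  }

  const base = url.origin;
  return {
    issuer: base,
    wellKnown: `${base}/.well-known/openid-configuration`,
    authorization: `${base}/services/oauth2/authorize`,
    token: `${base}/services/oauth2/token`,
    userinfo: `${base}/services/oauth2/userinfo`,
  };
}
```
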
not working
@balazsorban44 - is there any way we can tap the token and user info request made by Nextauth?
I am trying to integrate SvelteKit Auth and facing the same issue as above. Even after following the recommended solution, I am still not able to resolve the error!
So I was wondering if there is any way in which I could visually see the payload or endpoint that is hit by SvelteKitAuth (or Nextauth)
Provider type
Salesforce
Environment
Reproduction URL
https://github.com/arx111/next-auth-example/blob/main/pages/api/auth/%5B...nextauth%5D.ts
Describe the issue
For the Sandbox version of salesforce, we would use the `test.salesforce.com` domain instead of `login.salesforce.com` for all the requests including OAuth2 endpoints. Documented here: https://help.salesforce.com/s/articleView?id=sf.remoteaccess_oauth_endpoints.htm&type=5
However, I get this error when salesforce redirects us to the callback:
The following token retrieval request to salesforce:
as described at: https://help.salesforce.com/s/articleView?id=remoteaccess_oauth_web_server_flow.htm&type=5&language=en_US
fails and returns that error.
I suspect it is due to incorrectly constructing the POST request above.
When I implement a custom request:
Everything works fine.
How to reproduce
Attempt to log in with the default configuration on test endpoints; this fails.
Then implement a custom request as above; this returns the correct response with an access token.
Expected behavior
We should get an access token from salesforce.