TypeError: Cannot read properties of undefined (reading 'split') in openid-client

[BEEFF]

Environment

I'm using NextJS, builds started failing on Vercel then I updated packages on dev and got the errors.

System: Shell: 5.8 - /usr/bin/zsh Binaries: Node: 18.12.0 - ~/.nvm/versions/node/v18.12.0/bin/node Yarn: 1.22.19 - ~/.nvm/versions/node/v18.12.0/bin/yarn npm: 9.4.2 - ~/.nvm/versions/node/v18.12.0/bin/npm Browsers: Chrome: 110.0.5481.177 Firefox: 111.0.1

Reproduction URL

n/a

Describe the issue

Getting the following error when attempting to authenticate with nextjs with any provider.

TypeError: Cannot read properties of undefined (reading 'split') 

eval
node_modules/oidc-token-hash/lib/shake256.js (3:30)
./node_modules/oidc-token-hash/lib/shake256.js
file:///home/thomas/Flamingo/flamingo-aggregator/.next/static/chunks/pages/_app.js (14895:1)

In the shake256.js, process.versions.node is undefined

How to reproduce

    "next": "^13.3.0",
    "next-auth": "^4.22.0",
    "react-dom": "^18.2.0",
    "react": "^18.2.0",

My _app.js file:

export default function App({ Component, pageProps: {session, ...pageProps} }) {

  const [open, setOpen] = useState(false);

  return (
    <ErrorBoundary>
      <SessionProvider session={session}>
        <AuthProvider>
          <ThemeProvider>
            <RootStyle>
              <DashboardNavbar onOpenSidebar={() => setOpen(true)} />
                <DashboardSidebar isOpenSidebar={open} onCloseSidebar={() => setOpen(false)} />
                  <MainStyle>
                      <Component {...pageProps}  />
                  </MainStyle>
                </RootStyle>
          </ThemeProvider>
        </AuthProvider>
      </SessionProvider>
    </ErrorBoundary>
  )
}

Expected behavior

Authentication should be successful!

[BEEFF]

The shake256.js file looks like this: next-auth pulls this in

const crypto = require('crypto');

const [major, minor] = process.versions.node.split('.').map((x) => parseInt(x, 10));
const xofOutputLength = major > 12 || (major === 12 && minor >= 8);
const shake256 = xofOutputLength && crypto.getHashes().includes('shake256');

module.exports = shake256;

Not really sure where to start with this one, perhaps a change on vercel has caused the issue because everything was working fine for ages, I push new build and all authentication breaks. Though I have managed to reproduce the error in dev now.

[balazsorban44]

You are likely using next-auth in the edge runtime, which is currently not supported.

Note: n/a is not a reproduction. Please always provide one to help your case.

[BEEFF]

You are likely using next-auth in the edge runtime, which is currently not supported.

Note: n/a is not a reproduction. Please always provide one to help your case.

@balazsorban44 Thank you for your response. What is strange though is everything was working fine in vercel until I pushed a new build with no changes to runtime config? Has vercel changed something that has caused this? Not sure where to look.

[sobencha-mz]

@BEEFF Any luck on this one? Also starting yesterday I have been running into the exact same issue. Fresh npm install after having deleted node_modules breaks everything so it must be a bad dep of a dep or something? Can confirm that it has nothing do to with edge runtime, or specifically Vercel-related; I'm using a pretty standard docker-based deployment to GKE. Regardless of deployment target, this is immediately reproducible locally (for me a least).

[sobencha-mz]

@BEEFF FYI, the underlying issue for this problem appears to be related to the oidc-token-hash library, which had a release in the past couple of days with a change that's got to be it -> https://github.com/panva/oidc-token-hash/pull/7/files#diff-d3a2bc859c51b926d253f72c9fb0f41e227cb0689b59c0df9533f2971aeb1e8eL3

Short-term, I have just fixed that dep to the previous version...

"overrides": {
    "oidc-token-hash": "5.0.1"
 }

[BEEFF]

@BEEFF FYI, the underlying issue for this problem appears to be related to the oidc-token-hash library, which had a release in the past couple of days with a change that's got to be it -> https://github.com/panva/oidc-token-hash/pull/7/files#diff-d3a2bc859c51b926d253f72c9fb0f41e227cb0689b59c0df9533f2971aeb1e8eL3

Short-term, I have just fixed that dep to the previous version...

"overrides": {
    "oidc-token-hash": "5.0.1"
 }

@sobencha-mz Did this work for you? Did not work for me :(

[bigyankarki]

@sobencha-mz

@BEEFF FYI, the underlying issue for this problem appears to be related to the oidc-token-hash library, which had a release in the past couple of days with a change that's got to be it -> https://github.com/panva/oidc-token-hash/pull/7/files#diff-d3a2bc859c51b926d253f72c9fb0f41e227cb0689b59c0df9533f2971aeb1e8eL3

Short-term, I have just fixed that dep to the previous version...

"overrides": {
    "oidc-token-hash": "5.0.1"
 }

This worked like a charm. We have been struggling since yesterday.

[Is0MerLNtaLt]

@BEEFF FYI, the underlying issue for this problem appears to be related to the oidc-token-hash library, which had a release in the past couple of days with a change that's got to be it -> https://github.com/panva/oidc-token-hash/pull/7/files#diff-d3a2bc859c51b926d253f72c9fb0f41e227cb0689b59c0df9533f2971aeb1e8eL3

Short-term, I have just fixed that dep to the previous version...

"overrides": {
    "oidc-token-hash": "5.0.1"
 }

For those of you using yarn, add the following to your package.json -

"resolutions": {
  "oidc-token-hash": "5.0.1"
}

[charlesaguiar]

@BEEFF FYI, the underlying issue for this problem appears to be related to the oidc-token-hash library, which had a release in the past couple of days with a change that's got to be it -> https://github.com/panva/oidc-token-hash/pull/7/files#diff-d3a2bc859c51b926d253f72c9fb0f41e227cb0689b59c0df9533f2971aeb1e8eL3

Short-term, I have just fixed that dep to the previous version...

"overrides": {
    "oidc-token-hash": "5.0.1"
 }

Worked like a charm for me too! Don't forget to run npm install after setting up the override.

[jmarks-joshua]

I'm getting this issue, but where it seems a package called 'jose' is the cause.

It's got the exact same line of code in const [major, minor] = process.versions.node.split('.').map((x) => parseInt(x, 10));

That seems to be the cause of the problems for both packages.

[jmarks-joshua]

I was able to resolve this issue, by using a webpack plugin in my next.config.js file

config.plugins.push(
  new webpack.DefinePlugin({
    'process.versions': JSON.stringify(process.versions),
  })
)

[newme616]

have the same problem, nothing worked. Has something to do with nodemailer I guess in my case

[codiak]

I have this problem with the latest version of the chatbot repo: https://github.com/vercel-labs/ai-chatbot/blob/main/package.json

I made sure my Node version was up to date (v18).

Attempted the above override (oidc-token-hash to v5.0.1).

Tried installing the latest as an override (oidc-token-hash to v5.0.3).

Then, after forking oidc-token-hash and addressing the underlying issue with a patch:

  "overrides": {
    "oidc-token-hash": "github:codiak/oidc-token-hash#main"
  }

...I ran into:

Error: The edge runtime does not support Node.js 'crypto' module.
Learn More: https://nextjs.org/docs/messages/node-module-in-edge-runtime

After disabling the edge runtime (and "serverActions"), I thought I could get something running. Nope:

TypeError: Cannot read properties of undefined (reading 'custom')
> webpack-internal:///(middleware)/./node_modules/openid-client/lib/device_flow_handle.js (97)

Which ultimately looks to be a Next Auth / AI Chatbot issue, so if I discover anything I'll report it on the appropriate bug over there: https://github.com/vercel-labs/ai-chatbot/issues/133

[Markeljan]

I'm having success using next-auth@beta with next 14 but not fully done yet

[muhammedrepo]

I'm having success using next-auth@beta with next 14 but not fully done yet

This worked for me too Thank you @Markeljan