Open ChrGrb opened 1 year ago
I've run into the same issue, it seems the Apple Auth simply doesn't work currently. I've tried 5.0.0-beta.20 and 5.0.0-beta.21 following the documentation and the issue is a server error that occurs after successfully logging in and authenticating on the Apple side then redirecting to the callback url which throws an error.
I've also tried some workarounds that were posted but they did not work either.
https://github.com/nextauthjs/next-auth/issues/6788#issuecomment-2362096320
Provider type
Apple
Environment
System: OS: macOS 14.0 CPU: (8) arm64 Apple M1 Pro Memory: 68.98 MB / 16.00 GB Shell: 5.9 - /bin/zsh Binaries: Node: 18.15.0 - ~/.nvm/versions/node/v18.15.0/bin/node Yarn: 1.22.19 - ~/.yarn/bin/yarn npm: 9.5.0 - ~/.nvm/versions/node/v18.15.0/bin/npm pnpm: 8.6.10 - ~/.nvm/versions/node/v18.15.0/bin/pnpm Browsers: Chrome: 110.0.5481.177 Safari: 17.0
Reproduction URL
https://authjs.dev/reference/core/providers_apple
Describe the issue
Using the Apple provider in it's current state gives a userinfo endpoint not configured error, as described in this issue: https://github.com/nextauthjs/next-auth/issues/6788
This can be fixed by simply providing a token endpoint (I feel like this should be stated in the error message).
The current Apple provider is not correctly configured. The authorization request is sent using the response mode form_post, which returns the code used for the OAuth flow in the body, instead of the query. The current approach only sends the query to the handleOAuth function and not the body.
One fix for this is to define
response_mode: "query"
and setscope: ""
, as the endpoint does not allow the request of additional information in this mode.This makes the provider work, but fails to get the name or email of the user.
For the case that the body is passed instead of the query the relevant user data is in the authorization response, instead of the token response. This would probably be the behaviour that the library currently expects. This behaviour is also described in this issue: https://github.com/nextauthjs/next-auth/issues/7596
There is currently no way to get to this additional data.
Additionally the provider is currently missing the wellKnown and authorization endpoint.
How to reproduce
Expected behavior