nextauthjs / next-auth

Authentication for the Web.
https://authjs.dev
ISC License
24.1k stars 3.34k forks

Returns "Try signing in with a different account" after logging in Gmail SSO #8246

Open gitgetgotgotten opened 1 year ago

gitgetgotgotten commented 1 year ago

Environment

System:
  OS: Windows 10 10.0.19045
  CPU: (8) x64 Intel(R) Core(TM) i7-6820HQ CPU @ 2.70GHz
  Memory: 18.46 GB / 31.92 GB
Binaries:
  Node: 16.16.0 - C:\Program Files\nodejs\node.EXE
  npm: 8.11.0 - C:\Program Files\nodejs\npm.CMD
Browsers:
  Firefox: 115.0.3.8607

Reproduction URL

https://github.com/nextauthjs/next-auth-example

Describe the issue

I just cloned the next-auth-example, ran npm install, and ran cp .env.local.example .env.local. Then I modified .env.local and changed GOOGLE_ID and GOOGLE_SECRET to what I got from the Google console. Finally, I ran npm run dev, opened http://localhost:3000/api/auth/signin?callbackUrl=%2Fme in my browser, clicked on Sign in with Google, and logged in. It redirected to http://localhost:3000/api/auth/signin?error=OAuthCallback with the message Try signing in with a different account.

And in the console it returned:

[next-auth][error][OAUTH_CALLBACK_ERROR]
https://next-auth.js.org/errors#oauth_callback_error expected 200 OK, got: 403 Forbidden {
  error: OPError: expected 200 OK, got: 403 Forbidden
      at processResponse (C:\Users\user\Desktop\next-auth-example\node_modules\openid-client\lib\helpers\process_response.js:41:11)
      at C:\Users\user\Desktop\next-auth-example\node_modules\openid-client\lib\helpers\issuer.js:47:22
      at processTicksAndRejections (node:internal/process/task_queues:96:5)
      at async Issuer.queryKeyStore (C:\Users\user\Desktop\next-auth-example\node_modules\openid-client\lib\helpers\issuer.js:83:20)
      at async Client.validateJWT (C:\Users\user\Desktop\next-auth-example\node_modules\openid-client\lib\client.js:1035:14)
      at async Client.validateIdToken (C:\Users\user\Desktop\next-auth-example\node_modules\openid-client\lib\client.js:745:49)
      at async Client.callback (C:\Users\user\Desktop\next-auth-example\node_modules\openid-client\lib\client.js:488:7)
      at async oAuthCallback (C:\Users\user\Desktop\next-auth-example\node_modules\next-auth\core\lib\oauth\callback.js:109:16)
      at async Object.callback (C:\Users\user\Desktop\next-auth-example\node_modules\next-auth\core\routes\callback.js:52:11)
      at async AuthHandler (C:\Users\user\Desktop\next-auth-example\node_modules\next-auth\core\index.js:208:28)
      at async NextAuthApiHandler (C:\Users\user\Desktop\next-auth-example\node_modules\next-auth\next\index.js:22:19)
      at async NextAuth._args$ (C:\Users\user\Desktop\next-auth-example\node_modules\next-auth\next\index.js:107:14) {
    name: 'OAuthCallbackError',
    code: undefined
  },
  providerId: 'google',
  message: 'expected 200 OK, got: 403 Forbidden'
}

How to reproduce

Just clone https://github.com/nextauthjs/next-auth-example, set the provider's id and secret, run npm install and npm run dev, and simply log in with Gmail; it will reproduce in my case.

Expected behavior

To log in successfully to my local site and get the session.
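Added example, not part of the original issue and not next-auth or openid-client code: a small Node.js helper that reads a trace like the one in this report and names the outbound OIDC request that returned the error status. The step table and SAMPLE_LOG are constructed for illustration; only Issuer.queryKeyStore appears in the report, and the other two function names and all step descriptions are assumptions about openid-client v5.

```javascript
// Added triage example; not next-auth or openid-client code.
// Step descriptions are this example's reading of openid-client v5 (an
// assumption). Only Issuer.queryKeyStore is taken from the trace in the report.
const OIDC_STEPS = [
  ["Issuer.queryKeyStore", "JWKS fetch from the provider's jwks_uri"],
  ["Client.grant", "token endpoint request"],
  ["Client.userinfo", "userinfo endpoint request"],
];

// Extract "at [async] Name (file:line:col)" frames, even from a log that has
// been flattened onto one line. Anonymous frames (no function name) are skipped.
function parseFrames(trace) {
  const re = /\bat (?:async )?([\w.$<>]+) \((.+?):(\d+):(\d+)\)/g;
  return [...trace.matchAll(re)].map((m) => ({ fn: m[1], file: m[2], line: Number(m[3]) }));
}

function triage(logText) {
  const status = /expected (\d{3})[^,]*, got: (\d{3})/.exec(logText);
  const provider = /providerId: '([^']+)'/.exec(logText);
  const frames = parseFrames(logText);
  // Frames are innermost-first, so the first known step is the request that failed.
  const hit = frames.map((f) => OIDC_STEPS.find(([name]) => name === f.fn)).find(Boolean);
  return {
    provider: provider ? provider[1] : null,
    httpStatus: status ? Number(status[2]) : null,
    failedStep: hit ? hit[1] : "unknown",
    // True when the failure surfaced while an ID token was being validated.
    duringIdTokenValidation: frames.some((f) => f.fn === "Client.validateIdToken"),
  };
}

// Constructed sample: frames taken from the report, with paths shortened.
const SAMPLE_LOG = [
  "[next-auth][error][OAUTH_CALLBACK_ERROR] expected 200 OK, got: 403 Forbidden {",
  "  error: OPError: expected 200 OK, got: 403 Forbidden",
  "    at processResponse (/app/node_modules/openid-client/lib/helpers/process_response.js:41:11)",
  "    at /app/node_modules/openid-client/lib/helpers/issuer.js:47:22",
  "    at async Issuer.queryKeyStore (/app/node_modules/openid-client/lib/helpers/issuer.js:83:20)",
  "    at async Client.validateJWT (/app/node_modules/openid-client/lib/client.js:1035:14)",
  "    at async Client.validateIdToken (/app/node_modules/openid-client/lib/client.js:745:49)",
  "    at async Client.callback (/app/node_modules/openid-client/lib/client.js:488:7)",
  "  providerId: 'google',",
  "}",
].join("\n");

console.log(triage(SAMPLE_LOG));
```

A result that points at the JWKS fetch separates a blocked outbound request from a wrong client id, secret or redirect URI, which would fail at a different step.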

Ho3einWave commented 1 year ago

I'm encountering the same problem. I attempted to include my email as a tester for the project within the Google Cloud Console, but unfortunately, the issue persists.

gitgetgotgotten commented 1 year ago

It seems it is because we are in a restricted country and Google doesn't allow specific countries to use its specific services like this one. I'm saying this because it doesn't work either when I use googleapis and it returns 403; however, when I use a proxy, it will work. I wonder if there would be an approach to set a proxy in next-auth; that would be perfect.