oktadev / okta-nextjs-typescript-example

Next.js with TypeScript Example
https://developer.okta.com/blog/2020/11/13/nextjs-typescript
Apache License 2.0
12 stars 11 forks source link

The example only works when you are not usign PKCE #2

Open AgusMarquezUala opened 2 years ago

AgusMarquezUala commented 2 years ago

The OktaProvider should support PKCE, since its the most secure way to implement an OpenID-OAuth flow for an SPA. The only way to implement that using nextAuth is by setting a custom provider.

sebastianmulders commented 2 years ago

@AgusMarquezUala good catch. Yet we still can't get it to work here, even with a custom provider. Every time the session doesn't seem to get set properly. Did you get it to work? If yes, do you mind sharing your solution?