npm ory/hydra-client - OAuth2API - acceptOAuth2LoginRequest()

[mpoletiek]

Preflight checklist

• [X] I could not find a solution in the existing issues, docs, nor discussions.
• [X] I agree to follow this project's Code of Conduct.
• [X] I have read and am following this repository's Contribution Guidelines.
• [X] I have joined the Ory Community Slack.
• [X] I am signed up to the Ory Security Patch Newsletter.

Ory Network Project

No response

Describe the bug

NextJS App w/ @ory/hydra-client 2.2.0-rc.3

https://ory-community.slack.com/archives/C012RBW0F18/p1696904353402089

acceptOAuth2LoginRequest(login_challenge, {subject: user.user.address}); // This got loginChallenge undefined error from NodeJS. acceptOAuth2LoginRequest({loginChallenge: login_challenge}, {subject: user.user.address}); // This got undefined subject error from hydra. acceptOAuth2LoginRequest({loginChallenge: login_challenge}, {subject: String(user.user.address),}); // This got undefined subject error from hydra.`

https://github.com/ory/hydra-login-consent-node/ uses "V0alpha2Api" which doesn't exist, but has the following syntax:

.adminAcceptOAuth2LoginRequest(challenge, {
            // All we need to do is to confirm that we indeed want to log in the user.
            subject: String(body.subject),
          })

Reproducing the bug

npm run dev

Relevant log output

When using acceptOAuth2LoginRequest({loginChallenge: login_challenge}, {subject: String(user.user.address),}); or acceptOAuth2LoginRequest({loginChallenge: login_challenge}, {subject: user.user.address});

data: {
      error: 'invalid_request',
      error_description: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Field 'subject' must not be empty."
    }
  },
  isAxiosError: true,
  toJSON: [Function: toJSON]
}
Request failed with status code 400
Subject:  test

When using acceptOAuth2LoginRequest(login_challenge, {subject: user.user.address});

RequiredError: Required parameter loginChallenge was null or undefined when calling acceptOAuth2LoginRequest.
    at exports.assertParamExists (/home/mwa/www/login-xxx-xxx/node_modules/@ory/hydra-client/dist/common.js:39:15)
    at Object.<anonymous> (/home/mwa/www/login-xxx-xxx/node_modules/@ory/hydra-client/dist/api.js:796:22)
    at Generator.next (<anonymous>)
    at /home/mwa/www/login-xxx-xxx/node_modules/@ory/hydra-client/dist/api.js:21:71
    at new Promise (<anonymous>)
    at __awaiter (/home/mwa/www/login-xxx-xxx/node_modules/@ory/hydra-client/dist/api.js:17:12)
    at Object.acceptOAuth2LoginRequest (/home/mwa/www/login-xxx-xxx/node_modules/@ory/hydra-client/dist/api.js:794:95)
    at Object.<anonymous> (/home/mwa/www/login-xxx-xxx/node_modules/@ory/hydra-client/dist/api.js:1741:75)
    at Generator.next (<anonymous>)
    at /home/mwa/www/login-xxx-xxx/node_modules/@ory/hydra-client/dist/api.js:21:71 {
  field: 'loginChallenge'
}
Required parameter loginChallenge was null or undefined when calling acceptOAuth2LoginRequest.
Subject:  test

Relevant configuration

hydra_config.ts

'use server'
import { Configuration, OAuth2Api } from "@ory/hydra-client"

const hydraAdmin = new OAuth2Api(
  new Configuration({
    basePath: "http://127.0.0.1:4445/",
  }),
)

export { hydraAdmin }

/pages/api/auth/[...nextauth].js

import NextAuth from "next-auth";
import { MoralisNextAuthProvider } from "@moralisweb3/next";
import { Configuration, OAuth2Api } from "@ory/hydra-client";
import { hydraAdmin } from '../../../src/hydra_config.ts';

export default NextAuth({
  providers: [MoralisNextAuthProvider()],
  // adding user info to the user session object
  callbacks: {
    async jwt({ token, user }) {
      if (user) {
        token.user = user;
      }
      console.log("BACKEND jwt");
      return token;
    },
    async session({ session, token }) {
      session.user = token.user;
      console.log("BACKEND session");
      return session;
    },
    async signIn(user, account, profile){
      console.log("BACKEND signIn");
      console.log(user);

      let payload = JSON.parse(user.user.payload);
      let login_challenge = payload.login_challenge;
      console.log(login_challenge);
      let address = user.user.address;
      console.log(address);

      // Try to accept login request with hydra
      if(user){
        try {
          console.log(login_challenge);
          var options = {subject: String(address),};

          let accpt_req = await hydraAdmin.acceptOAuth2LoginRequest(login_challenge,{subject: address,});

        }
        catch (error) {
          console.log(error);
          console.log(error.message);
          console.log("Subject: ",address);
        }

        console.log("ACCEPT LOGIN REQUEST");
        console.log(accpt_req);

        /*
        hydraAdmin.acceptOAuth2LoginRequest(login_challenge, {
          // All we need to do is to confirm that we indeed want to log in the user.
          subject: String(body.subject),
        })
        */
        console.log("Subject: %s" % (address));

      }

      return true;
    },
  },
});

Version

package.json

"dependencies": {
    "@moralisweb3/next": "^2.23.1",
    "@ory/client": "^1.2.10",
    "@ory/hydra-client": "^2.2.0-rc.3",
    "@ory/integrations": "^1.1.5",
    "csurf": "^1.11.0",
    "fs": "^0.0.1-security",
    "moralis": "^2.23.1",
    "net": "^1.0.2",
    "next": "^12.3.4",
    "next-auth": "^4.23.1",
    "react": "^18.2.0",
    "react-dom": "^18.2.0",
    "request": "^2.88.2",
    "tls": "^0.0.1",
    "viem": "^1.14.0",
    "wagmi": "^1.4.2"
  },
  "devDependencies": {
    "@types/react": "18.2.22",
    "typescript": "5.2.2"
  },

On which operating system are you observing this issue?

Linux

In which environment are you deploying?

Other

Additional Context

No response

[mpoletiek]

I resolved this by using the following syntax:

var accpt_req = await hydraAdmin.acceptOAuth2LoginRequest({loginChallenge: login_challenge, acceptOAuth2LoginRequest: {'subject': address}});