sergiodxa / remix-auth-github

A GitHubStrategy for Remix Auth, based on the OAuth2Strategy
https://sergiodxa.github.io/remix-auth-github/
MIT License

Missing code verifier on cookie after authenticate in callback #45

Closed caprica closed 14 hours ago

caprica commented 1 day ago

I am migrating from an earlier version of this library to the latest version.

I follow the steps in the project README.

After triggering and completing a GitHub login, where it asks me to verify by SMS, my configured redirect URI is invoked and in that callback I invoke authenticate() on the authenticator.

It gives this error:

ReferenceError: Missing code verifier on cookie.
    at GitHubStrategy.authenticate (file:///home/user/auth-test/node_modules/remix-auth-github/src/index.ts:108:10)
    at Authenticator.authenticate (file:///home/user/auth-test/node_modules/remix-auth/src/index.ts:59:19)
    at loader (/home/user/auth-test/apps/remix-auth-app/app/auth/provider-callback.tsx:6:38)
    at Object.callRouteLoader (/home/user/auth-test/node_modules/@remix-run/server-runtime/dist/data.js:59:22)

Any clues what I may be doing wrong here?

dantrain commented 1 day ago

I have the same issue. I believe a code verifier is part of PKCE (Proof Key for Code Exchange), which is not supported by GitHub. I think therefore the check for code verifier should be removed.

sergiodxa commented 14 hours ago

Seems I left that when I copied the OAuth2Strategy to use as the base for this one. Just released v3.0.1, which removes the validation for the code verifier in the cookie.
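
Added example, not part of the thread and not remix-auth-github's own code: a callback check that validates the `state` parameter for every provider but requires a code verifier only when the flow was started with PKCE, which is the distinction behind the error above. The cookie name `oauth2`, its `state` and `codeVerifier` fields, the `usePKCE` option and the sample values are assumptions made for illustration.

```javascript
// Hypothetical names throughout: cookie "oauth2", fields "state" and
// "codeVerifier", option "usePKCE". None of them are the library's API.

// Compare two strings without returning early at the first differing character.
function constantTimeEqual(a, b) {
  if (a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// Find one cookie in a Cookie header and decode it as URL-encoded fields.
function readOAuthCookie(cookieHeader, name = "oauth2") {
  for (const part of (cookieHeader || "").split(";")) {
    const eq = part.indexOf("=");
    if (eq !== -1 && part.slice(0, eq).trim() === name) {
      return new URLSearchParams(decodeURIComponent(part.slice(eq + 1).trim()));
    }
  }
  return new URLSearchParams();
}

// Validate the callback request and return the token-request parameters.
function validateCallback(callbackUrl, cookieHeader, { usePKCE }) {
  const url = new URL(callbackUrl);
  const code = url.searchParams.get("code");
  const state = url.searchParams.get("state");
  const stored = readOAuthCookie(cookieHeader);
  if (!code) throw new ReferenceError("Missing code in the URL");
  if (!state) throw new ReferenceError("Missing state in the URL");
  // The state comparison is the CSRF defence and applies to every provider.
  const storedState = stored.get("state");
  if (!storedState) throw new ReferenceError("Missing state on cookie");
  if (!constantTimeEqual(state, storedState)) throw new RangeError("State mismatch");
  const params = { grant_type: "authorization_code", code };
  if (usePKCE) {
    // Only a flow that sent a code_challenge has a verifier to send back.
    const verifier = stored.get("codeVerifier");
    if (!verifier) throw new ReferenceError("Missing code verifier on cookie");
    params.code_verifier = verifier;
  }
  return params;
}

// Constructed sample: callback URL and cookie left by a login without PKCE.
const SAMPLE_URL = "https://app.example/auth/callback?code=abc123&state=s3cr3t";
const SAMPLE_COOKIE = "theme=dark; oauth2=" + encodeURIComponent("state=s3cr3t");
```

With `usePKCE: false` the sample passes on the state check alone; with `usePKCE: true` the same cookie reproduces the "Missing code verifier on cookie" error.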

dantrain commented 11 hours ago

Got it working now, thanks for fixing this so quickly!

Incidentally, when deploying to Cloudflare Pages I had an issue where the User-Agent header was missing on my request to get the user email, which is required. Might be worth adding this to the examples in the README.