search

sidebase / nuxt-auth

Authentication built for Nuxt 3! Easily add authentication via OAuth providers, credentials or Email Magic URLs!
https://auth.sidebase.io
MIT License
1.25k stars 162 forks source link

GlobalMiddleware not storing cookies for callback request #473

Closed JonathanGildevall closed 10 months ago

JonathanGildevall commented 1 year ago

Environment

Reproduction

playground with Keycloak provider. Probably any providet that uses state/pkce.

Describe the bug

Setup playground with keycloak auth provider.

Go to url http://localhost:3000/protected/globally

Sign in with keycloak

Observe failed login and console logs about missing state cookie

Additional context

When adding storage of next-auth.state and next-auth.pkce.code_verifier in eventHandler, using useStorage from nitro and adding those cookies before the callback request makes the flow above work without issues.

Solution needs to store cookies on server between requests.

Logs

No response

andreasvirkus commented 1 year ago

Also happens with Slack provider

"@sidebase/nuxt-auth": "0.5.0",
[next-auth][error][OAUTH_CALLBACK_ERROR]
https://next-auth.js.org/errors#oauth_callback_error State cookie was missing. {
  error: TypeError: State cookie was missing.
      at Object.use (/Users/anc/code/matchbox/monorepo/node_modules/next-auth/core/lib/oauth/checks.js:103:23)
      at oAuthCallback (/Users/anc/code/matchbox/monorepo/node_modules/next-auth/core/lib/oauth/callback.js:89:25)
      at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
      at async Object.callback (/Users/anc/code/matchbox/monorepo/node_modules/next-auth/core/routes/callback.js:52:11)
      at async AuthHandler (/Users/anc/code/matchbox/monorepo/node_modules/next-auth/core/index.js:201:28)
      at <anonymous> (/Users/anc/code/matchbox/monorepo/node_modules/@sidebase/nuxt-auth/dist/runtime/server/services/nuxtAuthHandler.mjs:118:24)
      at async Object.handler (file:///Users/anc/code/matchbox/monorepo/node_modules/h3/dist/index.mjs:1630:19)
      at async Server.toNodeHandle (file:///Users/anc/code/matchbox/monorepo/node_modules/h3/dist/index.mjs:1840:7) {
    name: 'OAuthCallbackError',
    code: undefined
  },
  providerId: 'slack',
  message: 'State cookie was missing.'
}
vinayakkulkarni commented 11 months ago 
"overrides": {
  "next-auth": "4.22.5"
},
"devDependencies": {
  "@sidebase/nuxt-auth": "^0.6.0-rc.0",
}
[next-auth][error][OAUTH_CALLBACK_ERROR]
https://next-auth.js.org/errors#oauth_callback_error State cookie was missing. {
  error: TypeError: State cookie was missing.
      at Object.use (/u/v/project/node_modules/next-auth/core/lib/oauth/checks.js:103:23)
      at oAuthCallback (/u/v/project/node_modules/next-auth/core/lib/oauth/callback.js:89:25)
      at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
      at async Object.callback (/u/v/project/node_modules/next-auth/core/routes/callback.js:52:11)
      at async AuthHandler (/u/v/project/node_modules/next-auth/core/index.js:208:28)
      at <anonymous> (/u/v/project/node_modules/@sidebase/nuxt-auth/dist/runtime/server/services/authjs/nuxtAuthHandler.mjs:88:24)
      at async Object.handler (file:///u/v/project/node_modules/h3/dist/index.mjs:1630:19)
      at async Server.toNodeHandle (file:///u/v/project/node_modules/h3/dist/index.mjs:1840:7) {
    name: 'OAuthCallbackError',
    code: undefined
  },
  providerId: 'google',
  message: 'State cookie was missing.'
}

getting the same error :X

zoey-kaiser commented 11 months ago

Hi @JonathanGildevall @andreasvirkus @vinayakkulkarni

This is an issue being thrown by NextAuth, the package we use under the hood. Have a look at the discussions currently being held about this issue in their Repo here: https://github.com/nextauthjs/next-auth/discussions/7491

Maybe you can find some solutions to help resolve this!

zoey-kaiser commented 10 months ago

Closing this issue was it results from NextAuth and not us. Please check the link posted above for more information and ideas on how to resolve it.