sourabpramanik / payload-auth-plugin

Authentication plugin for Payload CMS
https://npmjs.com/package/payload-auth-plugin
MIT License

Logout to Login results in an error #18

Closed studiodrimmel closed 1 day ago

studiodrimmel commented 3 days ago

Describe the bug

When you have an account in Payload and you log in with Google, it works. But if you click the logout button and try to log in again by clicking the Login with Google button, you will get an error on the OAuth callback.

http://localhost:3000/api/oauth/callback/google?code=4%2F....
{"errors":[{"message":"Something went wrong."}]}

You will get the following error in your terminal:

[13:58:57] ERROR: ID Token "nonce" claim missing
    err: {
      "type": "OperationProcessingError",
      "message": "ID Token \"nonce\" claim missing",
      "stack":
          OperationProcessingError: ID Token "nonce" claim missing
              at Module.processAuthorizationCodeOpenIDResponse (webpack-internal:///(rsc)/./node_modules/oauth4webapi/build/index.js:1248:23)
              at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
              at async OIDCCallback (webpack-internal:///(rsc)/./node_modules/payload-auth-plugin/dist/index.js:128:24)
              at async handleCustomEndpoints (webpack-internal:///(rsc)/./node_modules/@payloadcms/next/dist/routes/rest/index.js:194:19)
              at async eval (webpack-internal:///(rsc)/./node_modules/@payloadcms/next/dist/routes/rest/index.js:416:36)
              at async AppRouteRouteModule.do

To Reproduce

Steps to reproduce the behavior:

You have to make sure the Gmail address you are using already exists in the users collection in Payload, as it does not create a user for you on first login. Just make a default admin user and add the Gmail account to the users collection.

Add a GoogleAuthProvider to the adminAuthPlugin:

    adminAuthPlugin({
      providers: [
        KeycloakAuthProvider(),
        GoogleAuthProvider({
          client_id: process.env.CLIENT_ID,
          client_secret: process.env.CLIENT_SECRET
        })
      ],
    }),

Add a login button

      <form
        action={async () => {
          'use server'
          signin('google')
        }}
        className="w-full"
      >
        <Button type="submit" className="w-full !my-0">
          Sign in with Google
        </Button>
      </form>

Login with Google, Success!

Now log out and try to log back in; it will show: {"errors":[{"message":"Something went wrong."}]}

It will give the following error in the console:

GET /api/oauth/authorization/google 302 in 13ms
[13:40:22] ERROR: ID Token "nonce" claim missing
    err: {
      "type": "OperationProcessingError",
      "message": "ID Token \"nonce\" claim missing",
      "stack":
          OperationProcessingError: ID Token "nonce" claim missing
              at Module.processAuthorizationCodeOpenIDResponse (webpack-internal:///(rsc)/./node_modules/oauth4webapi/build/index.js:1248:23)
              at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
              at async OIDCCallback (webpack-internal:///(rsc)/./node_modules/payload-auth-plugin/dist/index.js:128:24)
              at async handleCustomEndpoints (webpack-internal:///(rsc)/./node_modules/@payloadcms/next/dist/routes/rest/index.js:194:19)
              at async eval (webpack-internal:///(rsc)/./node_modules/@payloadcms/next/dist/routes/rest/index.js:416:36)

...

Expected behavior

I expected to be able to log in and back in again, over and over.


sourabpramanik commented 3 days ago

Thanks for creating the issue, I am tracking this

Sandro48 commented 1 day ago

We're facing the exact same error unfortunately

sourabpramanik commented 1 day ago

Please update the plugin version to 0.4.0, and also read the doc first for any breaking changes.
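
For context on the error message in this thread, an added example (not code from the plugin or from oauth4webapi) that models the OIDC nonce check a client applies to an ID token. The session object, nonce values, issuer URL and function names are constructed, and the stale-state case is an assumption about one way such an error can arise, not the root cause of this issue.

```javascript
// Added example: the OIDC nonce check, modelled without any library.
// All names and values are constructed for illustration.
const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');

// Constructed IdP: echoes the request's nonce into the ID token, if one was sent.
function idpIssue(authRequest) {
  const claims = { iss: 'https://idp.example', sub: 'user-1' };
  if (authRequest.nonce !== undefined) claims.nonce = authRequest.nonce;
  return `${enc({ alg: 'none' })}.${enc(claims)}.`; // unsigned, demo only
}

// Client-side rule: an expected nonce must be present and equal;
// when none is expected, the token must not carry one.
function checkNonce(idToken, expectedNonce) {
  const payload = idToken.split('.')[1];
  const { nonce } = JSON.parse(Buffer.from(payload, 'base64url').toString('utf8'));
  if (expectedNonce === undefined) {
    if (nonce !== undefined) throw new Error('unexpected ID Token "nonce" claim value');
    return true;
  }
  if (nonce === undefined) throw new Error('ID Token "nonce" claim missing');
  if (nonce !== expectedNonce) throw new Error('unexpected ID Token "nonce" claim value');
  return true;
}

// Callback that consumes the per-flow nonce so it cannot leak into a later flow.
function callback(session, idToken) {
  const expected = session.nonce;
  delete session.nonce; // one-time use
  return checkNonce(idToken, expected);
}

// Runs four constructed flows and returns 'ok' or the error message for each.
function runScenarios() {
  const attempt = (fn) => { try { fn(); return 'ok'; } catch (e) { return e.message; } };
  const s1 = { nonce: 'n-111' };
  const token1 = idpIssue({ nonce: s1.nonce });
  return {
    // Nonce stored and sent: the token echoes it.
    matched: attempt(() => callback(s1, token1)),
    // Stale nonce still expected, but the new request sent none: fails closed.
    stale: attempt(() => checkNonce(idpIssue({}), 'n-111')),
    // Token minted for another flow checked against this flow's nonce.
    replayed: attempt(() => checkNonce(token1, 'n-222')),
    // After callback() consumed the nonce, a flow without one is accepted.
    consumed: attempt(() => callback(s1, idpIssue({}))),
  };
}
console.log(runScenarios());
```

The check failing closed is the intended behaviour: the nonce binds an ID token to the authorization request that started the flow, so a mismatch between stored state and the token has to abort the login.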