search

t3-oss / create-t3-turbo

Clean and simple starter repo using the T3 Stack along with Expo React Native
https://turbo.t3.gg
MIT License
4.58k stars 384 forks source link

bug: OAuthCallbackError: OAuth Provider returned an error #879

Open trevorpfiz opened 7 months ago

trevorpfiz commented 7 months ago

Provide environment information

System: OS: Linux 5.15 Ubuntu 20.04.6 LTS (Focal Fossa) CPU: (16) x64 AMD Ryzen 7 3700X 8-Core Processor Memory: 5.78 GB / 9.72 GB Container: Yes Shell: 5.8 - /usr/bin/zsh Binaries: Node: 20.11.0 - ~/.nvm/versions/node/v20.11.0/bin/node npm: 10.2.4 - ~/.nvm/versions/node/v20.11.0/bin/npm pnpm: 9.0.0-alpha.1 - ~/.local/share/pnpm/pnpm bun: 1.0.14 - ~/.local/share/pnpm/bun Watchman: 2024.01.22.00 - /home/linuxbrew/.linuxbrew/bin/watchman

Describe the bug

https://github.com/nextauthjs/next-auth/issues/9966

Link to reproduction

https://github.com/t3-oss/create-t3-turbo

To reproduce

click 'Sign in with Discord'. click the cancel button on the Discord signin page. see error.

Additional information

it should send back to something like https://turbo.t3.gg/api/auth/signin?error=OAuthCallbackError? instead it is this http://localhost:3000/api/auth/callback/discord?error=access_denied&error_description=The+resource+owner+or+authorization+server+denied+the+request

juliusmarminge commented 7 months ago

Make sure you're on beta.9, then remove the AUTH_URL env var, it is not needed and causes some issues still...

trevorpfiz commented 7 months ago

Make sure you're on beta.9, then remove the AUTH_URL env var, it is not needed and causes some issues still...

yep I did. still getting the error. only get this error in development it seems.

juliusmarminge commented 7 months ago

gonna need a different reproduction then since https://turbo.t3.gg works and signs you in properly..

trevorpfiz commented 7 months ago

gonna need a different reproduction then since https://turbo.t3.gg works and signs you in properly..

right. works in production, but not in development for me. didn't realize when I first made the issue. sorry about that.

juliusmarminge commented 7 months ago

still gonna need some more info cause repo works fine for me. what envs do you have (obv don't give me secrets), can you verify the version is beta.9 in pnpm-lock? cleared node_modules etc (run pnpn clean:workspaces)?

DB_HOST='aws.connect.psdb.cloud'
DB_NAME='personal'
DB_USERNAME=''
DB_PASSWORD='pscale_pw_'

AUTH_SECRET=""
AUTH_DISCORD_ID=""
AUTH_DISCORD_SECRET=""

https://github.com/t3-oss/create-t3-turbo/assets/51714798/33f05eb0-3c8c-48bd-9ba9-3629aaba95f2

juliusmarminge commented 7 months ago

also remove the proxy url if you have that set. not sure why that was in the example env in the first place as it's strictly to get preview envs working and not needed in dev 😅

trevorpfiz commented 7 months ago

On the Discord page does it error when you click the cancel button instead of authorize? login works, but the cancel errors on development for me. I already removed the proxy secret.

trevorpfiz commented 7 months ago

https://www.loom.com/share/7d8d95668bc8422b99c9f28b45197ec2?sid=f68db43b-4004-45d3-83b0-0b3cc403ab1b

fresh install with these envs. I should have done a video from the start like you did.

# The database URL is used to connect to your PlanetScale database.
DB_HOST='aws.connect.psdb.cloud'
DB_NAME='create-t3-turbo'
DB_USERNAME=''
DB_PASSWORD='pscale_pw_'

AUTH_SECRET=''
AUTH_DISCORD_ID=''
AUTH_DISCORD_SECRET=''
trevorpfiz commented 7 months ago

export const runtime = "edge" in [...nextauth]/route.ts is causing this error

juliusmarminge commented 7 months ago

Cant see how that's related to the update. What database do you use? Planetscale is edge compat so it's only if you've changed the db provider

trevorpfiz commented 7 months ago

I am using Planetscale. Same error here https://github.com/nextauthjs/next-auth/issues/9869

juliusmarminge commented 7 months ago

Are you returning false in your signin? Then we can close this issue as the template doesnt do that and the issue is tracked upstream.

trevorpfiz commented 7 months ago

Are you returning false in your signin? Then we can close this issue as the template doesnt do that and the issue is tracked upstream.

I haven't changed any code other than adding my env vars. All I know is when I cancel the Discord sign-in flow in development, with edge set, I get the error with a fresh clone of this template.

juliusmarminge commented 7 months ago

I see - let's keep it open then until it's fixed upstream (probably beta.10). I dont think there's anything wrong with our code here though

ypanagidis commented 7 months ago

I should also mention that my issue (https://github.com/nextauthjs/next-auth/issues/9869) originated with t3 turbo but i reproduce it with a normal next app. Basically any time the auth flow is not successful for any reason on the edge runtime it throws a type error that I cannot catch/handle no matter what I try. Same behaviour but not on edge just redirects to the default error page of next auth or you cant catch/handle normally. Nothing much to do with t3 turbo.

adamspotlite commented 6 months ago

Related but different - why is AUTH_URL no longer needed? Is that specific to this deployment pattern or the underlying libraries? For context, I'm deploying through a docker container (GCP Cloud Run) + while my redirect_uri is properly set, I get routed to https://0.0.0.0:3000/api/auth/error?error=CallbackRouteError after I sign in with the provider (Google, in my case).

Any thoughts?