feat: integrate openid well-known

src/app/components/Auth.tsx

@@ -33,7 +33,7 @@ const Auth = () => {
 				</div>
 			) : (
 				<div>
-					<p>Welcome, {session.user?.name || "User"}!</p>
+					<p>Welcome, {session.user.name || "User"}!</p>
 					<button
 						style={{
 							padding: "10px 20px",

src/authOptions.ts

@@ -1,4 +1,5 @@
-import { AuthOptions } from "next-auth";
+import { AuthOptions, Session } from "next-auth";
+
 
 export const authOptions: AuthOptions = {
 	providers: [
@@ -8,6 +9,7 @@ export const authOptions: AuthOptions = {
 			type: "oauth",
 			clientId: process.env.OAUTH_CLIENT_ID,
 			clientSecret: process.env.OAUTH_CLIENT_SECRET,
+			wellKnown: process.env.OAUTH_WELL_KNOWN,
 			authorization: {
 				url: process.env.OAUTH_AUTHORIZATION_URL,
 				params: {
@@ -15,25 +17,22 @@ export const authOptions: AuthOptions = {
 					response_type: "code",
 				},
 			},
+			checks: ["pkce", "state"],
+			idToken: true,
 			token: process.env.OAUTH_TOKEN_URL,
 			userinfo: process.env.OAUTH_USERINFO_URL,
 			issuer: process.env.OAUTH_ISSUER,
 			jwks_endpoint: process.env.OAUTH_JWKS_ENDPOINT,
-			profile(profile) {
+			profile(profile: Session["user"]) {
 				return {
 					id: profile.sub || profile.id,
 					name:
-						profile.name ||
-						`${profile.given_name} ${profile.family_name}`,
-					email: profile.email,
-					image: profile.picture || null,
+						profile.name || profile.preferred_username ||
+						`${profile.given_name} ${profile.family_name}`
 				};
 			},
 		},
 	],
-	session: {
-		strategy: "jwt",
-	},
 	callbacks: {
 		async jwt({ token, account, user }) {
 			if (account) {

src/types/next-auth.d.ts

@@ -9,7 +9,12 @@ declare module "next-auth" {
 		expiresAt: number;
 		user: {
 			id: string;
-		} & DefaultSession["user"];
+			sub: string;
+			name: string;
+			preferred_username: string;
+			given_name: string;
+			family_name: string;
+		};
 	}
 
 	interface Account {