Webapp/src/authOptions.ts

import { AuthOptions } from "next-auth";

export const authOptions: AuthOptions = {
	providers: [
		{
			id: "oauth2",
			name: "oauth2",
			type: "oauth",
			clientId: process.env.OAUTH_CLIENT_ID,
			clientSecret: process.env.OAUTH_CLIENT_SECRET,
			authorization: {
				url: process.env.OAUTH_AUTHORIZATION_URL,
				params: {
					scope: "openid email profile",
					response_type: "code",
				},
			},
			token: process.env.OAUTH_TOKEN_URL,
			userinfo: process.env.OAUTH_USERINFO_URL,
			issuer: process.env.OAUTH_ISSUER,
			jwks_endpoint: process.env.OAUTH_JWKS_ENDPOINT,
			profile(profile) {
				return {
					id: profile.sub || profile.id,
					name:
						profile.name ||
						`${profile.given_name} ${profile.family_name}`,
					email: profile.email,
					image: profile.picture || null,
				};
			},
		},
	],
	session: {
		strategy: "jwt",
	},
	callbacks: {
		async jwt({ token, account, user }) {
			if (account) {
				token.accessToken = account.access_token;
				token.refreshToken = account.refresh_token;
				token.expiresAt = Date.now() + account.expires_in * 1000000;
			}

			if (user) {
				token.userId = user.id;
			}

			return token;
		},
		async session({ session, token }) {
			if (token) {
				session.user.id = token.userId;
				session.accessToken = token.accessToken;
				session.refreshToken = token.refreshToken;
				session.expiresAt = token.expiresAt;
			}

			return session;
		},
	},
};
ref: remove comments, move authOptions, add somes Types 2024-11-24 17:22:28 +00:00			`import { AuthOptions } from "next-auth";`

			`export const authOptions: AuthOptions = {`
			`providers: [`
feat: switch to JWKS verification 2024-12-10 23:41:55 +00:00			`{`
			`id: "oauth2",`
			`name: "oauth2",`
			`type: "oauth",`
			`clientId: process.env.OAUTH_CLIENT_ID,`
			`clientSecret: process.env.OAUTH_CLIENT_SECRET,`
			`authorization: {`
			`url: process.env.OAUTH_AUTHORIZATION_URL,`
			`params: {`
			`scope: "openid email profile",`
			`response_type: "code",`
			`},`
			`},`
			`token: process.env.OAUTH_TOKEN_URL,`
			`userinfo: process.env.OAUTH_USERINFO_URL,`
			`issuer: process.env.OAUTH_ISSUER,`
			`jwks_endpoint: process.env.OAUTH_JWKS_ENDPOINT,`
			`profile(profile) {`
			`return {`
			`id: profile.sub \|\| profile.id,`
			`name:`
			`profile.name \|\|`
			`${profile.given_name} ${profile.family_name}`,
			`email: profile.email,`
			`image: profile.picture \|\| null,`
			`};`
			`},`
			`},`
ref: remove comments, move authOptions, add somes Types 2024-11-24 17:22:28 +00:00			`],`
			`session: {`
			`strategy: "jwt",`
			`},`
			`callbacks: {`
			`async jwt({ token, account, user }) {`
			`if (account) {`
feat: switch to JWKS verification 2024-12-10 23:41:55 +00:00			`token.accessToken = account.access_token;`
			`token.refreshToken = account.refresh_token;`
			`token.expiresAt = Date.now() + account.expires_in * 1000000;`
			`}`

			`if (user) {`
			`token.userId = user.id;`
ref: remove comments, move authOptions, add somes Types 2024-11-24 17:22:28 +00:00			`}`
feat: switch to JWKS verification 2024-12-10 23:41:55 +00:00
ref: remove comments, move authOptions, add somes Types 2024-11-24 17:22:28 +00:00			`return token;`
			`},`
			`async session({ session, token }) {`
feat: switch to JWKS verification 2024-12-10 23:41:55 +00:00			`if (token) {`
			`session.user.id = token.userId;`
			`session.accessToken = token.accessToken;`
			`session.refreshToken = token.refreshToken;`
			`session.expiresAt = token.expiresAt;`
			`}`

ref: remove comments, move authOptions, add somes Types 2024-11-24 17:22:28 +00:00			`return session;`
			`},`
			`},`
feat: switch to JWKS verification 2024-12-10 23:41:55 +00:00			`};`