From b467ae704ca25576915b6d1e1756ee67f7d5df92 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9mi?= <PSNazert@gmail.com>
Date: Mon, 6 Jan 2025 17:39:27 +0100
Subject: [PATCH] feat: enhance authentication flow by redirecting
 unauthenticated users and updating token scope

---
 src/app/lib/axios.ts | 4 +++-
 src/authOptions.ts   | 3 ++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/app/lib/axios.ts b/src/app/lib/axios.ts
index a8b232f..71c1855 100644
--- a/src/app/lib/axios.ts
+++ b/src/app/lib/axios.ts
@@ -1,6 +1,8 @@
+import { authOptions } from "@/authOptions";
 import axios from "axios";
 import moment, { Moment } from "moment";
 import { getSession } from "next-auth/react";
+import { redirect } from "next/navigation";
 
 moment.locale("fr");
 
@@ -35,7 +37,7 @@ axiosInstance.interceptors.request.use(async (config) => {
 	try {
 		const session = await getSession();
 		if (!session) {
-			throw new Error("User is not authenticated");
+			redirect(authOptions.pages!.signIn!);
 		}
 
 		cachedAccessToken = session.accessToken;
diff --git a/src/authOptions.ts b/src/authOptions.ts
index 46ebe52..d4d6ae2 100644
--- a/src/authOptions.ts
+++ b/src/authOptions.ts
@@ -18,7 +18,7 @@ export const authOptions: AuthOptions = {
 			authorization: {
 				url: process.env.OAUTH_AUTHORIZATION_URL,
 				params: {
-					scope: "openid email profile offline_access",
+					scope: "openid email profile",
 					response_type: "code",
 				},
 			},
@@ -28,6 +28,7 @@ export const authOptions: AuthOptions = {
 			userinfo: process.env.OAUTH_USERINFO_URL,
 			issuer: process.env.OAUTH_ISSUER,
 			jwks_endpoint: process.env.OAUTH_JWKS_ENDPOINT,
+			wellKnown: `${process.env.OAUTH_ISSUER}/.well-known/openid-configuration`,
 			profile(profile: Session["user"]) {
 				return {
 					id: profile.sub || profile.id,