Help | Auth v5 Custom Provider is not working with the same v4 configuration

[smo043]

I'm using the most recent next.js and next-auth beta versions. My project uses a custom provider, and everything works perfectly with version 4. However, using the identical configuration with v5 breaks, the page does not redirect me to the org sign in page. Can someone help me if there's anything wrong with this custom provider approach? Thanks.

UI Error:
http://localhost:3002/api/auth/error?error=Configuration

Message:

Server error

There is a problem with the server configuration.
Check the server logs for more information.

Logs:
[auth][error] CallbackRouteError: Read more at callbackrouteerror
[auth][cause]: Error: TODO: Handle www-authenticate challenges as needed
at handleOAuth (web pack-internal:///(rsc)/./node_modules/@auth/core/lib/actions/callback/oauth/callback.js)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)

ENV VARIABLES:

AUTH_URL: 'http://localhost:3002'
AUTH_SECRET: 'SECRET HERE'

Here is the v4 custom provider configuration:

middleware.ts

export default withAuth({
  pages: {
    signIn: "/",
  },
});

auth.config.ts

export const authConfigOptions = {
  pages: {
    signIn: "/",
  },
  useSecureCookies: process.env.NODE_ENV === "production",
  session: {
    strategy: "jwt",
    maxAge: 30 * 60,
  },
  providers: [
    {
      httpOptions: process.env.AUTH_HTTP_TIMEOUT,
      id: "myid",
      name: "MY ID",
      type: "oauth",
      clientId: process.env.AUTH_CLIENT_ID,
      wellKnown: process.env.AUTH_WELLKNOWN_URL,
      jwks_endpoint: process.env.AUTH_JWKS_URL,
      checks: ["state", "pkce"],
      token: {
        url: process.env.AUTH_TOKEN_URL,
        params: {
          scope: "openid profile",
          grant_type: "authorization_code",
          client_id: process.env.AUTH_CLIENT_ID,
          redirect_uri: `${process.env.AUTH_URL}/api/auth/callback`,
        },
      },
      authorization: {
        url: process.env.AUTH_ENDPOINT,
        params: {
          scope: "openid profile",
          response_type: "code",
          client_id: process.env.AUTH_CLIENT_ID,
          acr_values: process.env.AUTH_ACR_VALUE,
        },
      },
      client: {
        token_endpoint_auth_method: "none",
      },
      profile(profile) {
        return {
          ...profile,
          id: profile.sub || "",
        };
      },
    },
  ],
  callbacks: {
    redirect({ baseUrl }) {
      return baseUrl; // v4 doesn't work without this
    },
    async jwt({ token, user, account, trigger }) {
      // logic for initial signin, session validation comes here
    },
    session({ session, token }) {
      // session logic here

      return session;
    },
    signIn: async ({ user, account }) => {
      // signin logic here
      return !!account.access_token;
    },
  },
  events: {
    signOut: async ({ token }) => {
      // signout logic here
    },
  },
};

[JeremyXXXuuu]

Facing same problem

[smo043]

any help?

[ScreamZ]

Staying in 0.30 in auth/core works, moving to 0.31 breaks

[smo043]

the @auth/core version is 0.28.1 and next-auth version is 5.0.0-beta.16

[smo043]

it is still same with version 0.30

[JeremyXXXuuu]

Hey, try this, in your authConfig, change type: "oauth" to type: "oidc", this works for me.

Btw, anyone knows how to get access_token in api route, in v4 I use

import { getToken } from "next-auth/jwt";
const {accessToken}= await getToken({ req, secret: authOptions.secret });

[smo043]

thanks, let me try

[smo043]

Did not work

[smo043]

Hey, try this, in your authConfig, change type: "oauth" to type: "oidc", this works for me.

Btw, anyone knows how to get access_token in api route, in v4 I use

import { getToken } from "next-auth/jwt";

const {accessToken}= await getToken({ req, secret: authOptions.secret });

In v4 to get the session I am using getServerSession

`import {getServerSession} from 'next-auth/next';

const session = await getServerSession(authOptions)

const {accessToken} = session;`