next-auth (authjs) oidc and webpack error

[0xHorace]

I have been hacking a project based on this repo and found workarounds with the version of next-auth that's implemented even though it is not the latest. Some roadblocks I've encountered is that the credentials next-auth provider won't work because of the stream package, the mongodb adapter doesn't work in next-auth options, and I can't use the next-auth getServerSession() function.

I've recently tried again to troubleshoot upgrading to the latest next-auth with this repo and here's what I did and what Im encountering:

• uninstalled "next-auth": "0.0.0-manual.83c4ebd1"
• removed dependencies with
  rm -rf node_modules & rm pnpm-lock.yaml
• installed latest next-auth version: pnpm add next-auth@latest
• re-installed remaining dependencies: pnpm install

when I pnpm run dev I encounter this error:

error node_modules/.pnpm/oidc-token-hash@5.0.3/node_modules/oidc-token-hash/lib/shake256.js (3:0) @ <unknown>
error Cannot read properties of undefined (reading 'substring')

the contents of the oidc-token-hash file:

const crypto = require('crypto');

const [major, minor] = process.version.substring(1).split('.').map((x) => parseInt(x, 10));
const xofOutputLength = major > 12 || (major === 12 && minor >= 8);
const shake256 = xofOutputLength && crypto.getHashes().includes('shake256');

module.exports = shake256;

attempt at implementing fallback logic:

const crypto = require('crypto');

const nodeVersion = process.version || '0.0.0'; // Fallback to a default version
const [major, minor] = nodeVersion.substring(1).split('.').map((x) => parseInt(x, 10));
const xofOutputLength = major > 12 || (major === 12 && minor >= 8);
const shake256 = xofOutputLength && crypto.getHashes().includes('shake256');

module.exports = shake256;

returns a new error:

- error Error [TypeError]: Cannot read properties of undefined (reading 'custom')
    at <unknown> (webpack-internal:///(middleware)/./node_modules/.pnpm/openid-client@5.4.3/node_modules/openid-client/lib/device_flow_handle.js:97)
    at eval (webpack-internal:///(middleware)/./node_modules/.pnpm/openid-client@5.4.3/node_modules/openid-client/lib/device_flow_handle.js:97:41)
    at (middleware)/./node_modules/.pnpm/openid-client@5.4.3/node_modules/openid-client/lib/device_flow_handle.js (file:///Users/****/Desktop/****/.next/server/middleware.js:1191:1)
    at __webpack_require__ (file:///Users/****/Desktop/****/.next/server/edge-runtime-webpack.js:37:33)
    at fn (file:///Users/****/Desktop/****/.next/server/edge-runtime-webpack.js:268:21)
    at eval (webpack-internal:///(middleware)/./node_modules/.pnpm/openid-client@5.4.3/node_modules/openid-client/lib/client.js:31:26)
    at (middleware)/./node_modules/.pnpm/openid-client@5.4.3/node_modules/openid-client/lib/client.js (file:///Users/****/Desktop/****/.next/server/middleware.js:1180:1)
    at __webpack_require__ (file:///Users/****/Desktop/****/.next/server/edge-runtime-webpack.js:37:33)
    at fn (file:///Users/****/Desktop/****/.next/server/edge-runtime-webpack.js:268:21)
    at eval (webpack-internal:///(middleware)/./node_modules/.pnpm/openid-client@5.4.3/node_modules/openid-client/lib/issuer.js:5:19)
    at (middleware)/./node_modules/.pnpm/openid-client@5.4.3/node_modules/openid-client/lib/issuer.js (file:///Users/****/Desktop/****.next/server/middleware.js:1444:1) {
  digest: undefined
}

From here I am stuck, a little hesitant to keep digging and making changes to these dependencies. Hopefully this at least provides someone else with a similar issue some insight as I've seen some other issues related to next-auth. Any help would be greatly appreciated, as well.

[amplicity]

I believe this same issue is referenced here

[Rafcin]

Using the canary version of Next 13.4.7-canary.1 and next-auth 0.0.0-manual.83c4ebd1 it seems to work. Changing either of these breaks it.

[BrandonWeng]

I was able to upgrade nextjs and next-auth by moving away from middleware
nextauthjs/next-auth#7732

[codiak]

Using the canary version of Next 13.4.7-canary.1 and next-auth 0.0.0-manual.83c4ebd1 it seems to work. Changing either of these breaks it.

At first I thought I needed to patch oidc-token-hash in addition to using these release candidates, but it really only required using these versions, thank you.

[petrgazarov]

The fact that you have to use canary/hacked versions of the two foundational dependencies makes this template a lot less useful for building production apps.

[riccardolinares]

@shadcn help us! <3

[Markeljan]

next-auth@beta & next 14 seems to be working, still not 100% done migrating though

[callummcadam]

This is my commit migrating to Next 14.0.2 and Next Auth 5 Beta: 054c26d

[leerob]

Updated to all latest versions, including Next.js and NextAuth.js here: #186