使用next.js、带有zitadel的next-auth
import ZitadelProvider from "next-auth/providers/zitadel";
...
providers: [
ZitadelProvider({
issuer: process.env.ZITADEL_ISSUER,
clientId: process.env.ZITADEL_CLIENT_ID,
clientSecret: process.env.ZITADEL_CLIENT_SECRET,
})
]
...和.env
NEXTAUTH_SECRET=random
NEXTAUTH_URL=http://localhost:3000
# Next Auth ZITADEL Provider
ZITADEL_CLIENT_ID=xyz@myproject
ZITADEL_CLIENT_SECRET=random
ZITADEL_ISSUER=https://myinstance-qz4usg.zitadel.cloud/当我尝试使用zitadel登录时收到以下错误
[next-auth][error][SIGNIN_OAUTH_ERROR]
https://next-auth.js.org/errors#signin_oauth_error expected 200 OK, got: 301 Moved Permanently {
error: {
message: 'expected 200 OK, got: 301 Moved Permanently',
stack: 'OPError: expected 200 OK, got: 301 Moved Permanently\n' +
' at processResponse (/Users/sdoxsee/workspace/simplestep/my-t3-app/node_modules/openid-client/lib/helpers/process_response.js:41:11)\n' +
' at Function.discover (/Users/sdoxsee/workspace/simplestep/my-t3-app/node_modules/openid-client/lib/issuer.js:152:20)\n' +
' at runMicrotasks (<anonymous>)\n' +
' at processTicksAndRejections (node:internal/process/task_queues:96:5)\n' +
' at async openidClient (/Users/sdoxsee/workspace/simplestep/my-t3-app/node_modules/next-auth/core/lib/oauth/client.js:16:14)\n' +
' at async getAuthorizationUrl (/Users/sdoxsee/workspace/simplestep/my-t3-app/node_modules/next-auth/core/lib/oauth/authorization-url.js:67:18)\n' +
' at async Object.signin (/Users/sdoxsee/workspace/simplestep/my-t3-app/node_modules/next-auth/core/routes/signin.js:38:24)\n' +
' at async AuthHandler (/Users/sdoxsee/workspace/simplestep/my-t3-app/node_modules/next-auth/core/index.js:253:26)\n' +
' at async NextAuthHandler (/Users/sdoxsee/workspace/simplestep/my-t3-app/node_modules/next-auth/next/index.js:23:19)\n' +
' at async /Users/sdoxsee/workspace/simplestep/my-t3-app/node_modules/next-auth/next/index.js:59:32\n' +
' at async Object.apiResolver (/Users/sdoxsee/workspace/simplestep/my-t3-app/node_modules/next/dist/server/api-utils/node.js:363:9)\n' +
' at async DevServer.runApi (/Users/sdoxsee/workspace/simplestep/my-t3-app/node_modules/next/dist/server/next-server.js:487:9)\n' +
' at async Object.fn (/Users/sdoxsee/workspace/simplestep/my-t3-app/node_modules/next/dist/server/next-server.js:749:37)\n' +
' at async Router.execute (/Users/sdoxsee/workspace/simplestep/my-t3-app/node_modules/next/dist/server/router.js:253:36)\n' +
' at async DevServer.run (/Users/sdoxsee/workspace/simplestep/my-t3-app/node_modules/next/dist/server/base-server.js:384:29)\n' +
' at async DevServer.run (/Users/sdoxsee/workspace/simplestep/my-t3-app/node_modules/next/dist/server/dev/next-dev-server.js:741:20)\n' +
' at async DevServer.handleRequest (/Users/sdoxsee/workspace/simplestep/my-t3-app/node_modules/next/dist/server/base-server.js:322:20)',
name: 'OPError'
},
providerId: 'zitadel',
message: 'expected 200 OK, got: 301 Moved Permanently'
}
1条答案
按热度按时间y53ybaqx1#
从.well-known/openid-configuration端点复制发行者url会在发行者的末尾添加一个尾随的“/”(如上面的.env所示)。
删除“/”修复了它。
即
ZITADEL_ISSUER=https://myinstance-qz4usg.zitadel.cloud