Replies: 6 comments 1 reply
-
Naver’s official answer for this issue(English below): 안녕하세요 수세미님 먼저 불편을 드려 죄송합니다. OAuth2.0 스펙과 다르게 제공되고 있으나, 사이드 이펙트의 우려로 이미 제공되고 있는 스펙을 수정하는 것은 어렵다는 점 양해 부탁드립니다 문서 상으로 OAuth2.0 스펙과 다르게 동작된다는걸 명시하고, 가능하면 next-auth 에도 해당 사항이 반영될 수 있도록 하겠습니다 감사합니다 (English) First of all, we apologize for the inconvenience. Although it is provided differently from the OAuth2.0 specification, please understand that it is difficult to modify the already provided specification due to concerns about side-effect. In the document, we will specify that it operates differently from the OAuth2.0 specification, and if possible, we will ensure that this is reflected in next-auth as well. Thanks |
Beta Was this translation helpful? Give feedback.
-
Due to Naver's response, they will not fix the issue now. Therefore, we need to hard-code only for this Naver's case. |
Beta Was this translation helpful? Give feedback.
-
I'm getting the same error with Azure AD |
Beta Was this translation helpful? Give feedback.
-
how to fix it manually ? |
Beta Was this translation helpful? Give feedback.
-
@teamsmiley @curlydoodle @lodado I patched the underlying dependency library "overrides": {
"oauth4webapi": "npm:@jacobkim/oauth4webapi@^2.10.4"
} This will fix the issue with Azure AD B2C and Naver provider. Here is a detailed explanation https://jacob.kim/en/articles/next-auth-expires-in. (Korean) 저와 같이 Auth.js (next-auth) v5와 네이버 로그인을 사용하시려고 하시는 분을 위해 해결 방안을 블로그에 써두었습니다. 요약하자면, "overrides": {
"oauth4webapi": "npm:@jacobkim/oauth4webapi@^2.10.4"
} package.json에 |
Beta Was this translation helpful? Give feedback.
-
While implementing
NaverProvider
with auth.js (next-auth) v5, the flow causes OperationProcessingError denoting invalid response type ofexpires_in
field.Official docs of Naver states the value should be integer, but actual value is coming with string typed.
and the
expires_in
value should be typed as number as per RFC 6749 page 43.This will cause inability implementing
NaverProvider
with v5.I think I can't do anything meaningful right now besides reporting it to Naver but leaving this for further triaging.
Beta Was this translation helpful? Give feedback.
All reactions