【发布时间】:2021-09-06 07:31:13
【问题描述】:
我正在尝试在我的 next.js 应用中实现 oauth。对于后端,我使用 Django ODIC Provider 和 Next Auth 作为前端。
但我收到一个错误:
{
"error": "invalid_grant",
"error_description": "The provided authorization grant or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client"
}
我该如何解决这个问题?
我在/api/auth/ 中创建了一个名为:[...nextauth].js 的文件,并添加了我的自定义提供程序。
这是我的env 的样子:
NEXTAUTH_URL = http://localhost:3000
CLIENT_ID = 466647
CLIENT_SECRET = 079e7fe518e245cb316701faa19ec463c0073fba25d1e51c2db996ab
SCOPES = openid profile email
和[...nextauth].js:
import NextAuth from 'next-auth'
export default NextAuth({
providers: [
{
id: "pullstream",
name: "Pullstream",
type: "oauth",
version: "2.0",
scope: process.env.SCOPES,
params: { grant_type: "authorization_code" },
accessTokenUrl: "https://accounts.dev.pullstream.com/api/openid/token/",
requestTokenUrl: "https://accounts.dev.pullstream.com/api/accounts/login/",
authorizationUrl: "https://accounts.dev.pullstream.com/api/openid/authorize/",
profileUrl: "https://accounts.dev.pullstream.com/api/accounts/profile/",
async profile(profile, tokens) {
console.log(profile, tokens)
},
clientId: process.env.CLIENT_ID,
clientSecret: process.env.CLIENT_SECRET
}
],
})
【问题讨论】:
-
我已经尝试将客户端类型从
confidential更改为public但没有成功 -
嘿,你的问题解决了吗?
标签: django oauth-2.0 next.js next-auth