feat: add redirect_proxy url to handle auth in stage, test

2024-03-27 09:01:38 +01:00
parent f888038c96
commit 445e523c9a
4 changed files with 99 additions and 57 deletions
--- a/auth.ts
+++ b/auth.ts
@@ -2,48 +2,51 @@ import NextAuth from "next-auth"

 import { env } from "@/env/server"

-import type { NextAuthConfig } from "next-auth"
+import type { NextAuthConfig, User } from "next-auth"
+import type { OIDCConfig } from "next-auth/providers"
+
+const customProvider = {
+  clientId: env.CURITY_CLIENT_ID_USER,
+  clientSecret: env.CURITY_CLIENT_SECRET_USER,
+  id: "curity",
+  name: "Curity",
+  type: "oidc",
+  // FIXME: This is incorrect. We should not hard code this.
+  //        It should be ${env.CURITY_ISSUER_USER}.
+  //        This change requires sync between Curity deploy and CurrentWeb and NewWeb.
+  issuer: "https://scandichotels.com",
+  authorization: {
+    url: `${env.CURITY_ISSUER_USER}/oauth/v2/authorize`,
+    params: {
+      scope: ["openid"],
+    },
+  },
+  token: {
+    url: `${env.CURITY_ISSUER_USER}/oauth/v2/token`,
+  },
+  userinfo: {
+    url: `${env.CURITY_ISSUER_USER}/oauth/v2/userinfo`,
+  },
+
+  profile(profile) {
+    console.log({ profile })
+    return {
+      id: profile.id,
+      sub: profile.sub,
+      given_name: profile.given_name,
+    }
+  },
+} satisfies OIDCConfig<User>

 export const config = {
-  providers: [
-    {
-      id: "curity",
-      type: "oidc",
-      name: "Curity",
-      // FIXME: This is incorrect. We should not hard code this.
-      //        It should be ${env.CURITY_ISSUER_USER}.
-      //        This change requires sync between Curity deploy and CurrentWeb and NewWeb.
-      issuer: "https://scandichotels.com",
-      token: {
-        url: `${env.CURITY_ISSUER_USER}/oauth/v2/token`,
-      },
-      userinfo: {
-        url: `${env.CURITY_ISSUER_USER}/oauth/v2/userinfo`,
-      },
-      authorization: {
-        url: `${env.CURITY_ISSUER_USER}/oauth/v2/authorize`,
-        params: {
-          scope: ["openid"],
-        },
-      },
-      clientId: env.CURITY_CLIENT_ID_USER,
-      clientSecret: env.CURITY_CLIENT_SECRET_USER,
-
-      profile(profile: { id: string; sub: string; given_name: string }) {
-        console.log({ profile })
-        return {
-          id: profile.id,
-          sub: profile.sub,
-          given_name: profile.given_name,
-        }
-      },
-    },
-  ],
-  trustHost: true,
+  // basePath: "/api/auth",
  // pages: {
  //   signIn: "/auth/login",
  // },
-  // basePath: "/api/auth",
+  providers: [customProvider],
+  redirectProxyUrl: env.NEXTAUTH_REDIRECT_PROXY_URL,
+  trustHost: true,
+
  session: {
    strategy: "jwt",
  },