Merged in feat/curity-changes (pull request #1190)

Feat/curity changes

* Changed curity stuff

* Use env.var

* Merge branch 'master' into feat/curity-changes

* Merged master into feat/curity-changes

auth.ts

@@ -1,11 +1,10 @@
-import NextAuth from "next-auth"
+import NextAuth, { type NextAuthConfig, type User } from "next-auth"
 
 import { PRE_REFRESH_TIME_IN_SECONDS } from "@/constants/auth"
 import { env } from "@/env/server"
 
 import { LoginTypeEnum } from "./types/components/tracking"
 
-import type { NextAuthConfig, User } from "next-auth"
 import type { JWT } from "next-auth/jwt"
 import type { OIDCConfig } from "next-auth/providers"
 
@@ -85,10 +84,7 @@ const curityProvider = {
   type: "oidc",
   clientId: env.CURITY_CLIENT_ID_USER,
   clientSecret: env.CURITY_CLIENT_SECRET_USER,
-  // FIXME: This is incorrect. We should not hard code this.
-  //        It should be ${env.CURITY_ISSUER_USER}.
-  //        This change requires sync between Curity deploy and CurrentWeb and NewWeb.
-  issuer: "https://scandichotels.com",
+  issuer: env.CURITY_ISSUER_SERVICE,
   authorization: {
     url: `${env.CURITY_ISSUER_USER}/oauth/v2/authorize`,
   },
@@ -170,9 +166,7 @@ export const config = {
     async jwt({ account, session, token, trigger, user, profile }) {
       const loginType = getLoginType(user)
       if (trigger === "signIn" && account) {
-        const mfa_scope =
-          profile?.amr ==
-          "urn:se:curity:authentication:otp-authenticator:OTP-Authenticator_web"
+        const mfa_scope = profile?.amr == "urn:com:scandichotels:scandic-otp"
         const tokenExpiry = account.expires_at
           ? account.expires_at * 1000
           : undefined