From 6afcf574c1943e9746b041cc9336f40ecb43d3eb Mon Sep 17 00:00:00 2001
From: Alano Terblanche <18033717+Benehiko@users.noreply.github.com>
Date: Mon, 28 Aug 2023 14:49:48 +0200
Subject: [PATCH] fix: oauth2 login
---
examples/nextjs-spa/src/pages/login.tsx | 18 +++-
package-lock.json | 105 ++++++++++++++++++++++++
2 files changed, 120 insertions(+), 3 deletions(-)
diff --git a/examples/nextjs-spa/src/pages/login.tsx b/examples/nextjs-spa/src/pages/login.tsx
index 01aa4292e..1a03b11fa 100644
--- a/examples/nextjs-spa/src/pages/login.tsx
+++ b/examples/nextjs-spa/src/pages/login.tsx
@@ -26,6 +26,10 @@ const Login: NextPageWithLayout = () => {
const returnTo = String(router.query.return_to || "")
const flowId = String(router.query.flow || "")
+ // login_challenge is used for OAuth2 and OpenID Connect logins
+ // when this NextJS application is used as an OAuth provider for Single Sign on (SSO).
+ const loginChallenge = String(router.query.login_challenge || "")
+
// Refresh means we want to refresh the session. This is needed, for example, when we want to update the password
// of a user.
const refresh = Boolean(router.query.refresh)
@@ -53,13 +57,14 @@ const Login: NextPageWithLayout = () => {
)
const createFlow = useCallback(
- (refresh: boolean, aal: string, returnTo: string) =>
+ (refresh: boolean, aal: string, returnTo: string, loginChallenge?: string) =>
ory
.createBrowserLoginFlow({
refresh: refresh,
// Check for two-factor authentication
aal: aal,
returnTo: returnTo,
+ loginChallenge: loginChallenge,
})
.then(({ data }) => {
setFlow(data)
@@ -76,13 +81,13 @@ const Login: NextPageWithLayout = () => {
if (flowId) {
getFlow(flowId).catch(() => {
- createFlow(refresh, aal, returnTo)
+ createFlow(refresh, aal, returnTo, loginChallenge)
})
return
}
// Otherwise we initialize it
- createFlow(refresh, aal, returnTo)
+ createFlow(refresh, aal, returnTo, loginChallenge)
}, [router.isReady])
const submitFlow = (values: UpdateLoginFlowBody) =>
@@ -118,6 +123,13 @@ const Login: NextPageWithLayout = () => {
includeScripts={true}
// we submit the form data to Ory
onSubmit={({ body }) => submitFlow(body as UpdateLoginFlowBody)}
+
+ // OAauth2 and OpenID Connect
+ {...(flow.oauth2_login_request && {
+ subtitle: `To authenticate ${flow.oauth2_login_request.client?.client_name ||
+ flow.oauth2_login_request.client?.client_id
+ }`
+ })}
/>
) : (
Loading...
diff --git a/package-lock.json b/package-lock.json
index 4f2f10814..b17b4639b 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -6914,6 +6914,66 @@
"version": "13.4.13",
"license": "MIT"
},
+ "node_modules/@next/swc-darwin-arm64": {
+ "version": "13.4.13",
+ "resolved": "https://registry.npmjs.org/@next/swc-darwin-arm64/-/swc-darwin-arm64-13.4.13.tgz",
+ "integrity": "sha512-ZptVhHjzUuivnXMNCJ6lER33HN7lC+rZ01z+PM10Ows21NHFYMvGhi5iXkGtBDk6VmtzsbqnAjnx4Oz5um0FjA==",
+ "cpu": [
+ "arm64"
+ ],
+ "optional": true,
+ "os": [
+ "darwin"
+ ],
+ "engines": {
+ "node": ">= 10"
+ }
+ },
+ "node_modules/@next/swc-darwin-x64": {
+ "version": "13.4.13",
+ "resolved": "https://registry.npmjs.org/@next/swc-darwin-x64/-/swc-darwin-x64-13.4.13.tgz",
+ "integrity": "sha512-t9nTiWCLApw8W4G1kqJyYP7y6/7lyal3PftmRturIxAIBlZss9wrtVN8nci50StDHmIlIDxfguYIEGVr9DbFTg==",
+ "cpu": [
+ "x64"
+ ],
+ "optional": true,
+ "os": [
+ "darwin"
+ ],
+ "engines": {
+ "node": ">= 10"
+ }
+ },
+ "node_modules/@next/swc-linux-arm64-gnu": {
+ "version": "13.4.13",
+ "resolved": "https://registry.npmjs.org/@next/swc-linux-arm64-gnu/-/swc-linux-arm64-gnu-13.4.13.tgz",
+ "integrity": "sha512-xEHUqC8eqR5DHe8SOmMnDU1K3ggrJ28uIKltrQAwqFSSSmzjnN/XMocZkcVhuncuxYrpbri0iMQstRyRVdQVWg==",
+ "cpu": [
+ "arm64"
+ ],
+ "optional": true,
+ "os": [
+ "linux"
+ ],
+ "engines": {
+ "node": ">= 10"
+ }
+ },
+ "node_modules/@next/swc-linux-arm64-musl": {
+ "version": "13.4.13",
+ "resolved": "https://registry.npmjs.org/@next/swc-linux-arm64-musl/-/swc-linux-arm64-musl-13.4.13.tgz",
+ "integrity": "sha512-sNf3MnLAm8rquSSAoeD9nVcdaDeRYOeey4stOWOyWIgbBDtP+C93amSgH/LPTDoUV7gNiU6f+ghepTjTjRgIUQ==",
+ "cpu": [
+ "arm64"
+ ],
+ "optional": true,
+ "os": [
+ "linux"
+ ],
+ "engines": {
+ "node": ">= 10"
+ }
+ },
"node_modules/@next/swc-linux-x64-gnu": {
"version": "13.4.13",
"cpu": [
@@ -6942,6 +7002,51 @@
"node": ">= 10"
}
},
+ "node_modules/@next/swc-win32-arm64-msvc": {
+ "version": "13.4.13",
+ "resolved": "https://registry.npmjs.org/@next/swc-win32-arm64-msvc/-/swc-win32-arm64-msvc-13.4.13.tgz",
+ "integrity": "sha512-rWurdOR20uxjfqd1X9vDAgv0Jb26KjyL8akF9CBeFqX8rVaBAnW/Wf6A2gYEwyYY4Bai3T7p1kro6DFrsvBAAw==",
+ "cpu": [
+ "arm64"
+ ],
+ "optional": true,
+ "os": [
+ "win32"
+ ],
+ "engines": {
+ "node": ">= 10"
+ }
+ },
+ "node_modules/@next/swc-win32-ia32-msvc": {
+ "version": "13.4.13",
+ "resolved": "https://registry.npmjs.org/@next/swc-win32-ia32-msvc/-/swc-win32-ia32-msvc-13.4.13.tgz",
+ "integrity": "sha512-E8bSPwRuY5ibJ3CzLQmJEt8qaWrPYuUTwnrwygPUEWoLzD5YRx9SD37oXRdU81TgGwDzCxpl7z5Nqlfk50xAog==",
+ "cpu": [
+ "ia32"
+ ],
+ "optional": true,
+ "os": [
+ "win32"
+ ],
+ "engines": {
+ "node": ">= 10"
+ }
+ },
+ "node_modules/@next/swc-win32-x64-msvc": {
+ "version": "13.4.13",
+ "resolved": "https://registry.npmjs.org/@next/swc-win32-x64-msvc/-/swc-win32-x64-msvc-13.4.13.tgz",
+ "integrity": "sha512-4KlyC6jWRubPnppgfYsNTPeWfGCxtWLh5vaOAW/kdzAk9widqho8Qb5S4K2vHmal1tsURi7Onk2MMCV1phvyqA==",
+ "cpu": [
+ "x64"
+ ],
+ "optional": true,
+ "os": [
+ "win32"
+ ],
+ "engines": {
+ "node": ">= 10"
+ }
+ },
"node_modules/@nicolo-ribaudo/eslint-scope-5-internals": {
"version": "5.1.1-v1",
"dev": true,