Skip to content

Comments

Improve error validation for Microsoft EntraID provider errors before decoding token#12876

Merged
ThangHuuVu merged 4 commits intonextauthjs:mainfrom
kwilcz:main
Apr 20, 2025
Merged

Improve error validation for Microsoft EntraID provider errors before decoding token#12876
ThangHuuVu merged 4 commits intonextauthjs:mainfrom
kwilcz:main

Conversation

@kwilcz
Copy link
Contributor

@kwilcz kwilcz commented Apr 15, 2025

☕️ Reasoning

Microsoft Entra ID & Entra External ID are returning OAuth errors in the response body for token requests.
See: https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-auth-code-flow#error-response-1

The change made in this PR will allow developers to at least know what is the real source of the issue instead of misguiding to the incorrect JWT token.

Before:

image

After:

image

🧢 Checklist

  • Documentation
  • Tests
  • Ready to be merged

🎫 Affected issues

Not fixed, but related due to increased difficulty to review errors:

#12702
#12186
#12187
#12560
#12400

📌 Resources

@kwilcz kwilcz requested a review from ThangHuuVu as a code owner April 15, 2025 13:49
@vercel
Copy link

vercel bot commented Apr 15, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
auth-docs ✅ Ready (Inspect) Visit Preview 💬 Add feedback Apr 20, 2025 4:31am
1 Skipped Deployment
Name Status Preview Comments Updated (UTC)
next-auth-docs ⬜️ Ignored (Inspect) Visit Preview Apr 20, 2025 4:31am

@vercel
Copy link

vercel bot commented Apr 15, 2025

@kwilcz is attempting to deploy a commit to the authjs Team on Vercel.

A member of the Team first needs to authorize it.

@github-actions github-actions bot added the core Refers to `@auth/core` label Apr 15, 2025
@ThangHuuVu
Copy link
Member

ThangHuuVu commented Apr 20, 2025

thank you, LGTM!

ThangHuuVu
ThangHuuVu reviewed Apr 20, 2025
View reviewed changes
Copy link
Member

@ThangHuuVu ThangHuuVu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

format issues

@codecov
Copy link

codecov bot commented Apr 20, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 0% with 16 lines in your changes missing coverage. Please review.

Project coverage is 39.55%. Comparing base (d935665) to head (80c8cd2).
Report is 1 commits behind head on main.

Files with missing lines Patch % Lines
...es/core/src/lib/actions/callback/oauth/callback.ts 0.00% 16 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main   #12876      +/-   ##
==========================================
- Coverage   39.57%   39.55%   -0.02%     
==========================================
  Files         199      199              
  Lines       31400    31410      +10     
  Branches     1373     1379       +6     
==========================================
  Hits        12425    12425              
- Misses      18975    18985      +10

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@ThangHuuVu ThangHuuVu merged commit a05451d into nextauthjs:main Apr 20, 2025
10 of 14 checks passed
@renovate renovate bot mentioned this pull request May 10, 2025
Open
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ThangHuuVu ThangHuuVu ThangHuuVu approved these changes

Assignees

No one assigned

Labels

core Refers to `@auth/core`

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kwilcz @ThangHuuVu