XF 2.3 OAuth2 set up

M

moby3012

Member
Any chance we can have some kind of documentation on the specifications for oauth2 with xenforo especially on what parameters are being required and sent?

thats what i have right now but i had no luck getting it to work on my nextjs demo app, but i have to say i am pretty new and not an expert here.


JavaScript: 
// /app/api/auth/auth-options.ts

import type { NextAuthOptions, Session } from "next-auth";
import { JWT } from "next-auth/jwt";

declare module "next-auth" {
    interface Session {
        accessToken?: string;
        user: {
            id: string;
            name?: string | null;
            email?: string | null;
            image?: string | null;
        }
    }
}

export const authOptions: NextAuthOptions = {
    providers: [
        {
            id: "xenforo",
            name: "Xenforo",
            type: "oauth",
            authorization: {
                url: "https://www.myxenforourl.de/oauth2/authorize",
                params: {
                    scope: "alert:read alert:write profile_post:read profile_post:write user:read user:write",
                    response_type: "code",
                    code_challenge_method: "S256",
                },
            },
            token: {
                url: "https://www.myxenforourl.de/api/oauth2/token",
                async request({ client, params, checks, provider }) {
                    const response = await client.oauthCallback(
                        provider.callbackUrl,
                        params,
                        checks,
                        {
                            exchangeBody: {
                                client_id: provider.clientId,
                                grant_type: "authorization_code",
                            }
                        }
                    )
                    console.log("Token response:", response);
                    return { tokens: response }
                },
            },
            userinfo: "https://www.myxenforourl.de/api/oauth2/userinfo",
            clientId: process.env.XENFORO_CLIENT_ID,
            clientSecret: process.env.XENFORO_CLIENT_SECRET,
            checks: ["pkce", "state"],
            profile(profile) {
                console.log("Raw profile:", profile);
                return {
                    id: profile.sub,
                    name: profile.name || profile.username,
                    email: profile.email,
                    image: profile.avatar_url,
                };
            },
        },
    ],
    debug: true,
    callbacks: {
        async jwt({ token, account }) {
            console.log("JWT callback - token:", token, "account:", account);
            if (account?.access_token) {
                token.accessToken = account.access_token;
            }
            return token;
        },
        async session({ session, token }: { session: Session; token: JWT }) {
            console.log("Session callback - session:", session, "token:", token);
            return {
                ...session,
                accessToken: token.accessToken as string,
            };
        },
    },
    pages: {
        signIn: "/signin",
    },
    events: {
        async signIn(message) { console.log("Successful sign in", message) },
        async signOut(message) { console.log("Sign out", message) },
    },
};
 
You must log in or register to reply here.

Similar threads

S
OAuth2 - Public flow - grant is always invalid
Replies
1
Views
133
stromb0li
S
S
Confirmed OAuth2 - Undefined array key "host"
Replies
5
Views
101
Jeremy P
Jeremy P
N
XF 2.3 API / Oauth2 : get username and email [2.3.0B5]
Replies
3
Views
215
XWeb Forums
XWeb Forums
K
Fixed OAuth2 Client configuration shows wrong endpoint URLs if friendly URLs are not enabled
Replies
2
Views
204
XF Bug Bot
XF Bug Bot
aidanohart
  • Question Question
Xenforo as an OAuth2 service
Replies
4
Views
2K
⭐ Alex ⭐
⭐ Alex ⭐
Back
Top Bottom