feat(providers): add Duende IdentityServer 6 (#4850)

* add duende identity server 6 provider * Update docs/versioned_docs/version-v3/providers/duende-identity-server6.md Co-authored-by: Balázs Orbán <info@balazsorban.com> * Update docs/versioned_docs/version-v3/providers/duende-identity-server6.md Co-authored-by: Balázs Orbán <info@balazsorban.com> * Update packages/next-auth/src/providers/duende-identity-server6.ts Co-authored-by: Balázs Orbán <info@balazsorban.com> * Update packages/next-auth/src/providers/duende-identity-server6.ts Co-authored-by: Balázs Orbán <info@balazsorban.com> * Update docs/versioned_docs/version-v3/providers/duende-identity-server6.md Co-authored-by: Balázs Orbán <info@balazsorban.com> * Update apps/dev/pages/api/auth/[...nextauth].ts Co-authored-by: Balázs Orbán <info@balazsorban.com> * Update docs/versioned_docs/version-v3/providers/duende-identity-server6.md Co-authored-by: Balázs Orbán <info@balazsorban.com> * Update docs/versioned_docs/version-v3/providers/duende-identity-server6.md Co-authored-by: Balázs Orbán <info@balazsorban.com> * Update packages/next-auth/src/providers/duende-identity-server6.ts Co-authored-by: Balázs Orbán <info@balazsorban.com> Co-authored-by: Joshua <joshua.grant@tempcover.com> Co-authored-by: Balázs Orbán <info@balazsorban.com>
nextauthjs · Jul 7, 2022 · 3c210d9 · 3c210d9 · vercel · Jul 7, 2022
1 parent 9457593
commit 3c210d9
Show file tree

Hide file tree

Showing 4 changed files with 91 additions and 1 deletion.
diff --git a/apps/dev/pages/api/auth/[...nextauth].ts b/apps/dev/pages/api/auth/[...nextauth].ts
@@ -8,6 +8,7 @@ import TwitterProvider, {
 } from "next-auth/providers/twitter"
 import CredentialsProvider from "next-auth/providers/credentials"
 import IDS4Provider from "next-auth/providers/identity-server4"
+import DuendeIDS6Provider from "next-auth/providers/duende-identity-server6"
 import Twitch from "next-auth/providers/twitch"
 import GoogleProvider from "next-auth/providers/google"
 import FacebookProvider from "next-auth/providers/facebook"
@@ -150,6 +151,11 @@ export const authOptions: NextAuthOptions = {
       clientSecret: process.env.IDS4_SECRET,
       issuer: process.env.IDS4_ISSUER,
     }),
+    DuendeIDS6Provider({
+      clientId: "interactive.confidential",
+      clientSecret: "secret",
+      issuer: "https://demo.duendesoftware.com",
+    }),
     DiscordProvider({
       clientId: process.env.DISCORD_ID,
       clientSecret: process.env.DISCORD_SECRET,

diff --git a/docs/versioned_docs/version-v3/providers/duende-identity-server6.md b/docs/versioned_docs/version-v3/providers/duende-identity-server6.md
@@ -0,0 +1,53 @@
+---
+id: duende-identityserver6
+title: DuendeIdentityServer6
+---
+
+## Documentation
+
+https://docs.duendesoftware.com/identityserver/v6
+
+## Options
+
+The **DuendeIdentityServer6 Provider** comes with a set of default options:
+
+- [DuendeIdentityServer6 Provider options](https://github.com/nextauthjs/next-auth/tree/main/packages/next-auth/src/providers/duende-identity-server6.ts)
+
+You can override any of the options to suit your own use case.
+
+## Example
+
+```js
+import DuendeIDS6Provider from "next-auth/providers/duende-identity-server6"
+
+...
+providers: [
+  DuendeIDS6Provider({
+    clientId: process.env.DUENDE_IDS6_ID,
+    clientSecret: process.env.DUENDE_IDS6_SECRET,
+    issuer: process.env.DUENDE_IDS6_ISSUER,
+  })
+]
+...
+```
+
+## Demo IdentityServer
+
+The configuration below is for the demo server at https://demo.duendesoftware.com/
+
+If you want to try it out, you can copy and paste the configuration below.
+
+You can sign in to the demo service with either <b>bob/bob</b> or <b>alice/alice</b>.
+
+```js
+import DuendeIDS6Provider from "next-auth/providers/duende-identity-server6"
+...
+providers: [
+  DuendeIDS6Provider({
+    clientId: "interactive.confidential",
+    clientSecret: "secret",
+    issuer: "https://demo.duendesoftware.com",
+  })
+]
+...
+```
diff --git a/docs/versioned_docs/version-v3/providers/identity-server4.md b/docs/versioned_docs/version-v3/providers/identity-server4.md
@@ -54,6 +54,6 @@ providers: [
     clientSecret: "secret",
     protection: "pkce"
   })
-}
+]
 ...
 ```
diff --git a/packages/next-auth/src/providers/duende-identity-server6.ts b/packages/next-auth/src/providers/duende-identity-server6.ts
@@ -0,0 +1,31 @@
+import type { OAuthConfig, OAuthUserConfig } from "./oauth"
+
+export interface DuendeISUser extends Record<string, any> {
+  email: string
+  id: string
+  name: string
+  verified: boolean
+}
+
+export default function DuendeIdentityServer6<P extends DuendeISUser>(
+  options: OAuthUserConfig<P>
+): OAuthConfig<P> {
+  return {
+    id: "duende-identityserver6",
+    name: "DuendeIdentityServer6",
+    type: "oauth",
+    wellKnown: `${options.issuer}/.well-known/openid-configuration`,
+    authorization: { params: { scope: "openid profile email" } },
+    checks: ["pkce", "state"],
+    idToken: true,
+    profile(profile) {
+      return {
+        id: profile.sub,
+        name: profile.name,
+        email: profile.email,
+        image: null,
+      }
+    },
+    options,
+  }
+}