feat(core/providers): Add Vipps Login Provider

[itschip]

NOTE:

• It's a good idea to open an issue first to discuss potential changes.
• Please make sure that you are NOT opening a PR to fix a potential security vulnerability. Instead, please follow the Security guidelines to disclose the issue to us confidentially.

☕️ Reasoning

This PR adds Vipps Login API to next-auth. One of the most popular login methods used in Norway.

Completes #6424 (Credits to @endrekrohn for the initial PR)

🧢 Checklist

• Documentation
• Tests
• Ready to be merged

🎫 Affected issues

None

📌 Resources

• Security guidelines
• Contributing guidelines
• Code of conduct
• Contributing to Open Source

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
auth-docs	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Apr 12, 2023 9:52am

1 Ignored Deployment

Name	Status	Preview	Comments	Updated (UTC)
next-auth-docs	⬜️ Ignored (Inspect)			Apr 12, 2023 9:52am

[ThangHuuVu]

Thanks, I added some comments. Besides, could you add an option to the issue template? 🙏

[ThangHuuVu]

This isn't used anywhere

[ThangHuuVu]

client_id and response_type is automatically added, so I think you can remove them here

[ThangHuuVu]

Sorry, I meant you could use the wellKnown option with idToken: true, described here: https://authjs.dev/reference/providers/oauth#userinfo-option
since this is an OIDC-compliant provider, we should be able to extract the user info without making a request to that endpoint

[itschip]

Last time I checked idToken wasn't a type on OIDCConfig. Should I add it?

I read that next-auth still will try and contact said endpoint tho

[ThangHuuVu]

profile isn't needed afaik

[itschip]

Ok, so after ace052b I seem to get the decoded id_token as the OAuthProfile. Is that correct?

[itschip]

However, if I bring back the changes from ab8da6c

as well as including a custom request for the userinfo and adding the profile function back, I get "actual" profile data with email, name..etc

@balazsorban44 If I may ask, what was the reason for 740a2db, as that is where I took it from. Is it needed for Vipps too you think?

[balazsorban44]

I would like to test this locally before merging. I'm currently struggling with Vipps Support to check why my redirect url is not accepted. 🙏

The Vipps provider is a standard OIDC provider, so userinfo.request should be unnecessary as it's reserved for non-compliant providers as an escape hatch. I'm looking into this. 👍

[itschip]

I would like to test this locally before merging. I'm currently struggling with Vipps Support to check why my redirect url is not accepted. 🙏

The Vipps provider is a standard OIDC provider, so userinfo.request should be unnecessary as it's reserved for non-compliant providers as an escape hatch. I'm looking into this. 👍

Thank you! Let me know if I can help you with anything :)

[itschip]

@balazsorban44 did you resolve your issue with the redirect url? :)

[vercel]

@itschip is attempting to deploy a commit to the authjs Team on Vercel.

A member of the Team first needs to authorize it.

[itschip]

@balazsorban44 Do you think it is fine to just use 'oauth' for now. I am currently using that for my project now, and it works fine. If not I'll try once more with 'oidc', even though I have not had any luck with it yet.