lobe-chat的wechat无法扫码登录. 原因是nextauth依赖的oauth4webapi的作者坚持一行无意义的assert代码, 你们有办法解决吗?

[xiangnanscu]

📦 Environment

Official Preview

📌 Version

latest

💻 Operating System

Windows

🌐 Browser

Chrome

🐛 Bug Description

微信开放平台的api响应类型是text/plain, 但是合法的JSON. 但oauth4webapi的作者不认, 真是轴. 此问题导致lobe-chat无法微信扫码登录.

📷 Recurrence Steps

panva/oauth4webapi#155

🚦 Expected Behavior

No response

📝 Additional Information

No response

[lobehubbot]

👀 @xiangnanscu

Thank you for raising an issue. We will investigate into the matter and get back to you as soon as possible.
Please make sure you have given us as much context as possible.
非常感谢您提交 issue。我们会尽快调查此事，并尽快回复您。 请确保您已经提供了尽可能多的背景信息。

[arvinxx]

没有了解细节，粗看的话我觉得这个作者说的有道理的，比较好的解决方案应该是在 next-auth 的 wechat 集成逻辑里优化这部分 fetch 的处理，而不是应该在底层库里改动。建议给 next-auth 的 wechat 实现提 PR？

[xiangnanscu]

也只能这样了.

这是源码, 可以看到assertApplicationJson完全是多余的, 因为后面的try已经处理decode失败的情况. 作为一个底层库, 不知道为啥要assert一些无谓的东西.

  assertReadableResponse(response)
  assertApplicationJson(response)
  let json: JsonValue
  try {
    json = await response.json()
  } catch (cause) {
    throw OPE('failed to parse "response" body as JSON', PARSE_ERROR, cause)
  }

[panva]

As I already pointed out in panva/oauth4webapi#155 (comment), there are means available for you to work around the issue that don't revolve around changing the basics of content type negotiation and validation. The hooks necessary to do so are also available to you in next-auth.

Edit:

FWIW the bundled implementation in next-auth already does that.

[xiangnanscu]

@panva hello, should I modify it like this:
https://github.com/nextauthjs/next-auth/blob/main/packages/core/src/providers/wechat.ts#L104-L117

    token: {
      url: "https://api.weixin.qq.com/sns/oauth2/access_token",
      params: { appid: clientId, secret: clientSecret },
      async conform(response) {
        // modify response's content type here from text/plain to application/json
        const data = await response.json()
        if (data.token_type === "bearer") {
          console.warn(
            "token_type is 'bearer'. Redundant workaround, please open an issue."
          )
          return response
        }
        return Response.json({ ...data, token_type: "bearer" }, response)
      },
    },

[xiangnanscu]

@arvinxx 老哥,能否看一下, 我发现你也是nextauth的开发者. 我研究了半天没发现该怎么workaround, 该改写token? 也没发现next-auth是在哪儿开始调用processGenericAccessTokenResponse(或者调用这个函数的函数):

import WeChat from '@auth/core/providers/wechat';

import { CommonProviderConfig } from './sso.config';

const provider = {
  id: 'wechat',
  provider: WeChat({
    ...CommonProviderConfig,
    clientId: process.env.AUTH_WECHAT_ID,
    clientSecret: process.env.AUTH_WECHAT_SECRET,
    platformType: 'WebsiteApp',
    profile: (profile) => {
      return {
        email: null,
        id: profile.unionid,
        image: profile.headimgurl,
        name: profile.nickname,
        providerAccountId: profile.unionid,
      };
    },
  }),
};

export default provider;

[arvinxx]

这里是外部逻辑了，你得去改next-auth的实现