NextAuth v4 error [ERR_TLS_CERT_ALTNAME_INVALID]: Hostname/IP does not match certificate's altnames

Question  Votes: 0  Answers: 2

I need to authorize using Azure B2C.

All settings are from the original documentation: https://next-auth.js.org/providers/azure-ad-b2c

import AzureADB2CProvider from 'next-auth/providers/azure-ad-b2c';
import NextAuth from 'next-auth';

export default NextAuth({
  providers: [
    AzureADB2CProvider({
      tenantId: process.env.AZURE_AD_B2C_TENANT_NAME,
      clientId: process.env.AZURE_AD_B2C_CLIENT_ID as string,
      clientSecret: process.env.AZURE_AD_B2C_CLIENT_SECRET as string,
      primaryUserFlow: process.env.AZURE_AD_B2C_PRIMARY_USER_FLOW,
      authorization: { params: { scope: 'offline_access openid' } },
    }),
  ],
});

.env.local is filled in with the correct data (as shown in the guide), but when trying to sign in at http://localhost:3000/api/auth/signin I get this error:

stack: "Error [ERR_TLS_CERT_ALTNAME_INVALID]: Hostname/IP does not match certificate's altnames: Host: somename.onmicrosoft.com.b2clogin.com. is 
not in the cert's altnames: DNS:graph.windows.net, DNS:*.aadg.windows.net, DNS:*.aadkds.ppe.reporting.msidentity.com, DNS:*.aadkds.prd.reporting.msidentity
.com, DNS:*.accesscontrol.aadtst3.windows-int.net, DNS:*.accesscontrol.windows-ppe.net, DNS:*.accesscontrol.windows.net, DNS:*.adls.aadkds.ppe.reporting.ms
identity.com, DNS:*.adls.aadkds.prd.reporting.msidentity.com, DNS:*.adti.aadkds.ppe.reporting.msidentity.com, DNS:*.adti.aadkds.prd.reporting.msidentity.co
m, DNS:*.authapp.net, DNS:*.authorization.azure-ppe.net, DNS:*.authorization.azure.net, DNS:*.b2clogin.com, DNS:*.cpim.windows.net, DNS:*.d2k.aadkds.ppe.re
porting.msidentity.com, DNS:*.d2k.aadkds.prd.reporting.msidentity.com, DNS:*.fp.measure.office.com, DNS:*.gateway.windows.net, DNS:*.Identity.azure-int.net
, DNS:*.Identity.azure.net, DNS:*.login.live.com, DNS:*.login.microsoft.com, DNS:*.login.microsoftonline.com, DNS:*.login.windows-ppe.net, DNS:*.logincert.
microsoft.com, DNS:*.logincert.windows-ppe.net, DNS:*.microsoftaik-int.azure-int.net, DNS:*.microsoftaik.azure.net, DNS:*.pt.aadg.msidentity.com, DNS:*.r.l
ogin.microsoft.com, DNS:*.r.login.microsoftonline.com, DNS:*.r.prd.aadg.msidentity.com, DNS:*.windows-ppe.net, DNS:aadcdn.privatelink.msidentity.com, DNS:a
adcdnimages.privatelink.msidentity.com, DNS:aadg.windows.net, DNS:aadgcdn.windows-int.net, DNS:aadgcdn.windows.net, DNS:aadgv6.ppe.windows.net, DNS:aadgv6.
windows.net, DNS:accesscontrol.aadtst3.windows-int.net, DNS:account.live-int.com, DNS:account.live.com, DNS:api.login.live-int.com, DNS:api.login.microsoft
online.com, DNS:api.password.ccsctp.com, DNS:api.passwordreset.microsoftonline.com, DNS:autologon.microsoftazuread-sso.com, DNS:becws.ccsctp.com, DNS:clien
tconfig.microsoftonline-p-int.net, DNS:clientconfig.microsoftonline-p.net, DNS:companymanager.ccsctp.com, DNS:companymanager.microsoftonline.com, DNS:cpim.
windows.net, DNS:device.login.microsoftonline.com, DNS:device.login.windows-ppe.net, DNS:directoryproxy.ppe.windows.net, DNS:directoryproxy.windows.net, DN
S:gatewayforking.windows.net, DNS:graph.ppe.windows.net, DNS:graphstore.windows.net, DNS:ipv6.login.live-int.com, DNS:login-us.microsoftonline.com, DNS:log
in.live-int.com, DNS:login.live.com, DNS:login.microsoft-ppe.com, DNS:login.microsoft.com, DNS:login.microsoftonline-int.com, DNS:login.microsoftonline-p.c
om, DNS:login.microsoftonline-pst.com, DNS:login.microsoftonline.com, DNS:login.passport-int.com, DNS:login.windows.net, DNS:logincert.microsoftonline-int.
com, DNS:logincert.microsoftonline.com, DNS:loginnet.passport-int.com, DNS:microsoftaik-int.azure-int.net, DNS:microsoftaik.azure.net, DNS:msnia.login.live
-int.com, DNS:msnialogin.passport-int.com, DNS:nexus.microsoftonline-p-int.com, DNS:nexus.microsoftonline-p.com, DNS:nexus.passport-int.com, DNS:pas.window
s-ppe.net, DNS:pas.windows.net, DNS:password.ccsctp.com, DNS:passwordreset.activedirectory.windowsazure.us, DNS:passwordreset.microsoftonline.com, DNS:ppe.
aadcdn.privatelink.msidentity.com, DNS:provisioning.microsoftonline.com, DNS:signup.live-int.com, DNS:signup.live.com, DNS:sts.windows.net, DNS:tools.login.live-int.com, DNS:xml.login.live-int.com, DNS:xml.login.live.com\n" +
      '    at new NodeError (node:internal/errors:387:5)\n' +
      '    at Object.checkServerIdentity (node:tls:337:12)\n' +
      '    at TLSSocket.onConnectSecure (node:_tls_wrap:1544:27)\n' +
      '    at TLSSocket.emit (node:events:513:28)\n' +
      '    at TLSSocket._finishInit (node:_tls_wrap:948:8)\n' +
      '    at ssl.onhandshakedone (node:_tls_wrap:729:12)',
    name: 'Error'
  },
  providerId: 'azure-ad-b2c',

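Does anyone know how to solve this? Google did not help at all. It looks like Azure is working fine (I can sign in from the link), but it does not work with Next.js and next-auth.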

next.js next-auth azure-ad-b2c
2 Answers
3
votes

I ran into the same error.

The problem was AZURE_AD_B2C_TENANT_NAME: it should be yourTenantName, not yourTenantName.onmicrosoft.com
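Added example (not part of the original answers, and not next-auth code): the error above lists DNS:*.b2clogin.com among the certificate's altnames, yet the host is still rejected, because a wildcard entry covers exactly one DNS label. The sketch reproduces that check with Node's tls.checkServerIdentity against a constructed certificate stub; b2cHost and assertTenantName are hypothetical helpers, and the `${tenantId}.b2clogin.com` host pattern is an assumption inferred from the failing host in the error.

```javascript
const tls = require('node:tls');

// Constructed certificate stub: only the fields tls.checkServerIdentity reads.
// Both SAN entries appear in the altnames list of the error above.
const cert = {
  subject: {},
  subjectaltname: 'DNS:*.b2clogin.com, DNS:login.microsoftonline.com',
};

// Assumption (inferred from the failing host in the error): the provider
// connects to `${tenantId}.b2clogin.com`.
function b2cHost(tenantId) {
  return `${tenantId}.b2clogin.com`;
}

// Returns null when the host matches the certificate, otherwise the
// Node error code produced by the built-in identity check.
function identityError(host) {
  const err = tls.checkServerIdentity(host, cert);
  return err ? err.code : null;
}

// Hypothetical startup guard: accept only a single DNS label, so a
// misconfigured tenant value fails early with a readable message
// instead of surfacing later as a TLS hostname mismatch.
function assertTenantName(value) {
  const singleLabel = /^[a-z0-9]([a-z0-9-]*[a-z0-9])?$/i;
  if (typeof value !== 'string' || !singleLabel.test(value)) {
    throw new Error(
      `AZURE_AD_B2C_TENANT_NAME must be the bare tenant name, got "${value}"`
    );
  }
  return value;
}

// Compare the bare tenant name with the value that caused the error.
function compareTenantValues(values) {
  return values.map((tenant) => {
    const host = b2cHost(tenant);
    return { tenant, host, error: identityError(host) };
  });
}

console.table(compareTenantValues(['somename', 'somename.onmicrosoft.com']));
```

Hostname verification is doing its job here: the fix is the tenant value, and the check itself stays enabled.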


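0
votes

I got the same error when using pg-pool / pg-adapter.

I couldn't find any proper documentation on how to set the hostname, but I eventually got it working through trial and error, so I'm sharing it here: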

// In your ssl config, add the host from the certificate

const poolConfig = {
  host: ...,
  password: ...,
  ...
  ssl: {
    host: '<certificate-hostname>', // ! here
    ca: ...,
    key: ...,
    cert: ...,
  },
};
const pool = new Pool(poolConfig);
...

Hope that helps :)
