fix(providers): convert Salesforce to OIDC (#11918)

balazsorban44 · web-flow · commit f6b7228bda7c · 2024-09-27T19:23:03.000+01:00
* fix(providers): convert Salesforce to OIDC fixes #11917 * add to examples * Update salesforce.ts
diff --git a/apps/examples/nextjs/auth.ts b/apps/examples/nextjs/auth.ts
@@ -24,6 +24,7 @@ import Passkey from "next-auth/providers/passkey"
 import Pinterest from "next-auth/providers/pinterest"
 import Reddit from "next-auth/providers/reddit"
 import Slack from "next-auth/providers/slack"
+import Salesforce from "next-auth/providers/salesforce"
 import Spotify from "next-auth/providers/spotify"
 import Twitch from "next-auth/providers/twitch"
 import Twitter from "next-auth/providers/twitter"
@@ -88,6 +89,7 @@ const config = {
     Passage,
     Pinterest,
     Reddit,
+    Salesforce,
     Slack,
     Spotify,
     Twitch,
diff --git a/apps/proxy/api/[auth].ts b/apps/proxy/api/[auth].ts
@@ -20,6 +20,7 @@ import Okta from "@auth/core/providers/okta"
 import Passage from "@auth/core/providers/passage"
 import Pinterest from "@auth/core/providers/pinterest"
 import Reddit from "@auth/core/providers/reddit"
+import Salesforce from "@auth/core/providers/salesforce"
 import Slack from "@auth/core/providers/slack"
 import Spotify from "@auth/core/providers/spotify"
 import Twitch from "@auth/core/providers/twitch"
@@ -59,6 +60,7 @@ const authConfig: AuthConfig = {
     Passage,
     Pinterest,
     Reddit,
+    Salesforce,
     Slack,
     Spotify,
     Twitch,
diff --git a/packages/core/src/providers/salesforce.ts b/packages/core/src/providers/salesforce.ts
@@ -1,5 +1,5 @@
 /**
- * <div style={{backgroundColor: "#000", display: "flex", justifyContent: "space-between", color: "#fff", padding: 16}}>
+ * <div style={{backgroundColor: "#00a1e0", display: "flex", justifyContent: "space-between", color: "#fff", padding: 16}}>
  * <span>Built-in <b>Salesforce</b> integration.</span>
  * <a href="https://www.salesforce.com/ap/?ir=1">
  *   <img style={{display: "block"}} src="https://authjs.dev/img/providers/salesforce.svg" height="48" />
@@ -8,7 +8,7 @@
  *
  * @module providers/salesforce
  */
-import type { OAuthConfig, OAuthUserConfig } from "./index.js"
+import type { OIDCConfig, OIDCUserConfig } from "./index.js"
 
 export interface SalesforceProfile extends Record<string, any> {
   sub: string
@@ -18,8 +18,6 @@ export interface SalesforceProfile extends Record<string, any> {
 }
 
 /**
- * Add Salesforce login to your page.
- *
  * ### Setup
  *
  * #### Callback URL
@@ -28,66 +26,48 @@ export interface SalesforceProfile extends Record<string, any> {
  * ```
  *
  * #### Configuration
- *```ts
+ * ```ts
  * import { Auth } from "@auth/core"
- * import salesforce from "@auth/core/providers/salesforce"
+ * import Salesforce from "@auth/core/providers/salesforce"
  *
  * const request = new Request(origin)
  * const response = await Auth(request, {
  *   providers: [
- *     salesforce({
- *       clientId: salesforce_CLIENT_ID,
- *       clientSecret: salesforce_CLIENT_SECRET,
+ *     Salesforce({
+ *       clientId: AUTH_SALESFORCE_ID,
+ *       clientSecret: AUTH_SALESFORCE_SECRET,
  *     }),
  *   ],
  * })
  * ```
  *
  * ### Resources
  *
- * - [Salesforce OAuth documentation](https://help.salesforce.com/articleView?id=remoteaccess_authenticate.htm&type=5)
+ * - [Auth0 docs](https://auth0.com/docs/authenticate)
  *
  * ### Notes
  *
- * By default, Auth.js assumes that the salesforce provider is
- * based on the [OAuth 2](https://www.rfc-editor.org/rfc/rfc6749.html) specification.
- *
- * :::tip
- *
- * The Salesforce provider comes with a [default configuration](https://github.com/nextauthjs/next-auth/blob/main/packages/core/src/providers/salesforce.ts).
- * To override the defaults for your use case, check out [customizing a built-in OAuth provider](https://authjs.dev/guides/configuring-oauth-providers).
+ * The Salesforce provider comes with a [default configuration](https://github.com/nextauthjs/next-auth/blob/main/packages/core/src/providers/salesforce.ts). To override the defaults for your use case, check out [customizing a built-in OAuth provider](https://authjs.dev/guides/configuring-oauth-providers).
  *
- * :::
- *
- * :::info **Disclaimer**
+ * ## Help
  *
  * If you think you found a bug in the default configuration, you can [open an issue](https://authjs.dev/new/provider-issue).
  *
  * Auth.js strictly adheres to the specification and it cannot take responsibility for any deviation from
  * the spec by the provider. You can open an issue, but if the problem is non-compliance with the spec,
  * we might not pursue a resolution. You can ask for more help in [Discussions](https://authjs.dev/new/github-discussions).
- *
- * :::
  */
-export default function Salesforce<P extends SalesforceProfile>(
-  options: OAuthUserConfig<P>
-): OAuthConfig<P> {
-  const { issuer = "https://login.salesforce.com" } = options
+export default function Salesforce(
+  options: OIDCUserConfig<SalesforceProfile>
+): OIDCConfig<SalesforceProfile> {
   return {
     id: "salesforce",
     name: "Salesforce",
-    type: "oauth",
-    authorization: `${issuer}/services/oauth2/authorize?display=page`,
-    token: `${issuer}/services/oauth2/token`,
-    userinfo: `${issuer}/services/oauth2/userinfo`,
-    profile(profile) {
-      return {
-        id: profile.user_id,
-        name: null,
-        email: null,
-        image: profile.picture,
-      }
-    },
+    type: "oidc",
+    issuer: "https://login.salesforce.com",
+    idToken: false,
+    checks: ["pkce", "state", "nonce"],
+    style: { bg: "#00a1e0" },
     options,
   }
 }
