Access token is expired, but re-authorizing doesn't update it (Discord)

[TheColorman]

Question 💬

I'm using the Prisma adapter and MySQL server. I have no issues getting or inserting data in the database, so I don't see why next-auth would either.

When re-authorizing / logging in with an existing user, the "account" table in the MySQL database is not updated, meaning the access_token isn't either. Since the access token is expired, most site functions don't work.

I would expect the access token to get refreshed every time a user logs in. Is this a bug, or am I missing some other way to do this?

How to reproduce ☕️

[...nextauth].js:

import DiscordProvider from "next-auth/providers/discord"
import { PrismaAdapter } from "@next-auth/prisma-adapter"
import { PrismaClient } from "@prisma/client"

const prisma = new PrismaClient()

export default NextAuth({
    adapter: PrismaAdapter(prisma),
    session: {
        strategy: "database",
    },
    providers: [
        DiscordProvider({
            clientId: process.env.DISCORD_CLIENT_ID,
            clientSecret: process.env.DISCORD_CLIENT_SECRET,
            authorization: "https://discord.com/api/oauth2/authorize?scope=identify%20email%20guilds",
        })
    ],
    secret: process.env.SECRET,
    pages: {
        error: "/"
    },
    callbacks: {
        session: async ({ session, user, token }) => {
            // Some stuff that adds Discord User ID to the session object
        }
    }
})

Prisma schema is the default one from the docs.

Contributing 🙌🏽

Yes, I am willing to help answer this question in a PR

[mah51]

I was just coming here to say this! :)

[mattgogerly]

Also wondering this.

[TheColorman]

I'm gonna try making a mockup that uses a different provider to see if the behavior is any different.

EDIT: Just tried with the GitHub provider and I ran into the samme issue. First time login generates an access token, subsequent logins result in an error, seemingly because GitHub doesn't respond to further authorization attempts as long as a user has a valid access token. Revoking the access token directly in the GitHub app, and logging in again does work, but the database still has the old access token stored.
TL;DR, GitHub provider also does not update access token in the database upon re-auth.
Same problem with Google.
This leads me to believe the issues lies with the Prisma adapter or MySQL server, and not the Discord provider.

[TheColorman]

Just tried with GitHub and updated the answer accordingly. Will try again with Google.

[mattgogerly]

Created this issue for this: #3599

[balazsorban44]

#3599 (comment)