Overriding keycloak authorization url

[Stenehr]

Provider type

Keycloak

Environment

Binaries:
Node: 17.3.0 - C:\Program Files\nodejs\node.EXE
Yarn: 1.22.17 - ~\AppData\Roaming\npm\yarn.CMD
npm: 8.3.0 - C:\Program Files\nodejs\npm.CMD
npmPackages:
next: 12.0.7 => 12.0.7
next-auth: ^4.3.1 => 4.3.1
react: 17.0.2 => 17.0.2

Reproduction URL

Describe the issue

Im using keycloak as a provider and the default setup works out of the box.
Now i need to redirect the users first to the registration form. So i tried to override the authorization url, but i still get redirected to the default url.

How to reproduce

Set keycloak as a provider. Change the authorization property and add a custom url.

export default NextAuth({
  providers: [
    KeycloakProvider({
      clientId: env.KEYCLOAK_ID,
      clientSecret: env.KEYCLOAK_SECRET,
      issuer: `${env.KEYCLOAK_BASE_URL}/realms/${env.KEYCLOAK_REALM}`,
      authorization: { url: `${env.KEYCLOAK_BASE_URL}/realms/${env.KEYCLOAK_REALM}/protocol/openid-connect/registrations` },
    }),
  ],
  secret: env.NEXTAUTH_SECRET,
  callbacks: {
    async jwt({ token, user, profile }) {
      if (profile && user) {
        user.firstName = profile.given_name;
        user.lastName = profile.family_name;

        token.user = user;
      }
      return token;
    },
    session: async ({ session, token }) => {
      if (token?.user) {
        session.user = token.user;
      }
      return session;
    },
  },
});

call signIn with keycloak.
signIn('keycloak', null, { ui_locales: locale });

Expected behavior

Expect to be redirected to "/registrations" not "/auth"

As for local development it is:
"http://localhost:8024/auth/realms/my-realm/protocol/openid-connect/auth" + params.
but it should be
"http://localhost:8024/auth/realms/my-realm/protocol/openid-connect/registrations" + params

[ThangHuuVu]

Now i need to redirect the users first to the registration form. So i tried to override the authorization url, but i still get redirected to the default URL.

I think you misunderstood this configuration. The authorization URL definition: https://datatracker.ietf.org/doc/html/rfc6749#section-3.1

The authorization endpoint is used to interact with the resource owner and obtain an authorization grant.

[Stenehr]

Now i need to redirect the users first to the registration form. So i tried to override the authorization url, but i still get redirected to the default URL.

I think you misunderstood this configuration. The authorization URL definition: https://datatracker.ietf.org/doc/html/rfc6749#section-3.1

The authorization endpoint is used to interact with the resource owner and obtain an authorization grant.

Sorry, my bad.

But is there a way to set the redirect url when signing in ?

[ThangHuuVu]

Yes, you can control this via the redirect callback options:
https://next-auth.js.org/configuration/callbacks#redirect-callback

The redirect callback is called anytime the user is redirected to a callback URL (e.g. on signin or signout).

[Stenehr]

Sorry again, I misworded my intentions.
I meant where im sent to authenticate myself.
As when i click "log in" from the client im forwarded to keycloak.
Keycloaks default seems to be http://localhost:8024/auth/realms/myrealm/protocol/openid-connect/**auth** + params (client_id, scope etc)

But id like it to send me to http://localhost:8024/auth/realms/myrealm/protocol/openid-connect/**registrations** + params (client_id, scope etc)

Can that be done ?

[ThangHuuVu]

I think you can try this option:
https://github.com/panva/node-openid-client/blob/a84950af45a6ac10c0b84752ca684f35c6c13eaf/types/index.d.ts#L120
It can be set via authorization.redirect_uri