vincentchalamon/[...nextauth].tsx

## [...nextauth].tsx
import NextAuth from "next-auth"
import KeycloakProvider from "next-auth/providers/keycloak"

export const authOptions = {
  // Configure one or more authentication providers
  providers: [
    KeycloakProvider({
      id: 'keycloak',
      clientId: process.env.OIDC_CLIENT_ID,
      issuer: process.env.OIDC_SERVER_URL,
      authorization: {
        // https://authjs.dev/guides/basics/refresh-token-rotation#jwt-strategy
        params: {
          access_type: "offline",
          prompt: "consent",
        },
      },
      // https://github.com/nextauthjs/next-auth/issues/685#issuecomment-785212676
      protection: "pkce",
      // https://github.com/nextauthjs/next-auth/issues/4707
      // @ts-ignore
      clientSecret: null,
      client: {
        token_endpoint_auth_method: "none"
      },
    }),
  ],
}

export default NextAuth(authOptions)
	import NextAuth from "next-auth"
	import KeycloakProvider from "next-auth/providers/keycloak"

	export const authOptions = {
	// Configure one or more authentication providers
	providers: [
	KeycloakProvider({
	id: 'keycloak',
	clientId: process.env.OIDC_CLIENT_ID,
	issuer: process.env.OIDC_SERVER_URL,
	authorization: {
	// https://authjs.dev/guides/basics/refresh-token-rotation#jwt-strategy
	params: {
	access_type: "offline",
	prompt: "consent",
	},
	},
	// https://github.com/nextauthjs/next-auth/issues/685#issuecomment-785212676
	protection: "pkce",
	// https://github.com/nextauthjs/next-auth/issues/4707
	// @ts-ignore
	clientSecret: null,
	client: {
	token_endpoint_auth_method: "none"
	},
	}),
	],
	}

	export default NextAuth(authOptions)