Google OAuth Invalid Grant
Hey, great tutorial. I wanted to get some more control over how the access token jwt get managed and this pretty much covers all the stuff I'm too lazy to go digging for myself.
When implementing, I ran into an issue with invalid grant errors. I haven't reproduced this in your project so I don't know if you've run into this so if you or anyone else does, here's what I did:
- authWithOauth2 is deprecated - switch to authWithOauth2Code (same signature)
- per the answer here.
codeVerfier
gets changed every time you calllistAuthMethods()
.- I fixed this by returning the
authProvider.codeVerifier
in/login/+page.server.ts
(just like the state) and then putting theauthProvider.codeVerifer
on a cookie (again just like state) and finally catching that off the cookie in/callback/server.ts
.
- I fixed this by returning the