Overview

This is a note about using Drupal OAuth with NextAuth.js.

Behavior

Access the app created with Next.js and press the “Sign in” button.

If you are not logged into Drupal, you will be redirected to the login screen.

If you are already logged in, an authorization button is displayed. Click to authorize.

The login information is displayed.

Drupal-Side Setup

Module Installation

Install the following module.

https://www.drupal.org/project/simple_oauth

I installed the latest version available at the time of writing.

composerrequire'drupal/simple_oauth:^6.0@beta'

Generating Keys for Token Encryption

Generate a key pair and save them outside the document root for security.

ooppeennssssllgresnars-ainopurtivpartiev.akteey.k-epyub2o0u4t8>public.key

Setting Key Paths

Set the key paths in the admin panel:

/admin/config/people/simple_oauth

If running Drupal on Amazon Lightsail, you may need to change the file owner as follows.

sudochowndaemon:daemonprivate.key

Clients

Access /admin/config/services/consumer.

The default_consumer is already created, so edit it.

Verifying with Postman

Enter the following settings. Assume Drupal is set up at https://drupal.example.org.

When you click “Get New Access Token”, as shown in the behavior section at the beginning, you are redirected to the Drupal screen. After authorization, you are redirected to:

https://oauth.pstmn.io/v1/callback?code=...

Using from Next.js

You can check the source code here:

https://github.com/nakamura196/drupal_oauth_app

There may be room for improvement, but I was able to verify functionality with the following configuration.

e}x;pp]c}r,a,ro{}la}a}tdv,ls,s,eiintcca}t}p}byssryi}i}rcbddayllu,o,r,aneeenffeoue:mpiitup}ka}or}ccsstctttngreeeehra,esfekAssu(o(ous:s"::nnolrsrrnyc}c}ci}r}itineissdiirjakukrt:dttr:acee:no)o)ofeludamm:edoonwcesentr""ISimosdcncccgr;nmh}b;nttter:maasnntcnenar[uDodezpsppi{slloresee,os(huo(neig{sn..s(o.r.tuupra:car:eorrtiidadtta"dt!rrkpp:leieaue{ua)ioteauurto:neeeeenihdCyroner{r::occssncdkh,lptpeic{scqbnn:trroeo,jewnoopnecesttc{eO"ahrtoepetuott_eedrnss{sffrpp(serio)e=np,l"o:nsr__ed__ctcs:sto.n:iiorr{ss.oks;t",c:sotusyisoyt:enoellfooasine{sui,ep.cyrtdenp_="nkwjeeiffsrTd;nTsoEsr{eepi(=:cteuP{t=)s).liieyo,oennsonse:cre:raO-Eosellsk=krsa.cvs:onpexiwSTa{rn{u.eesieae.bee..`nertt":aTywrbn..inntcni=lnsDe"$two:.ai"pao,aepofocdevsRnc{ecpu`t,eirmmrno=ko=;{..UvopxUepat$"t(eao,reunDeP.drtRsrrh{f:`ifmtnnaeRnADeo)LsoaoperTlitao.tcxUvLR"cS.cmrrt"eoUlotki,ctP._U,e{eeesiocasksekiedoS-ADAPsans.zchp.eepeon;uuaaLRUAsrvscae(pjnrnn.snvu_UTL.c..otspls"o"aetetCPH_ehDedisriorsfN}fcr.hLA_SnPRneo.ocneuion)rcauILUCvaUv,neca(qbluoe}csdE_RO.rP._net)u"eEl{ms)ceeNCLPNaADcvsi;e.mlserbTL,EEmLRo.sosapa,tT{su_I,Xs_UdN.ntsrioosIgIET(CPAeEe/elkk_DDNA{LAu"Xnxftfeetm,TUILt,Tv-PahePnnofo_TE_hA.waierrU;krdSHNCoUDwrlrosteoeE_TLrTRwseueveonmCU_IiHU-edndi;RRIEz_Pf:i_dpspELDNaUAotquererT},TtRLrh$usdoso,/_iL_me{ee"fsfaSo}T-rr,iiipEn/OureunloliCaKressaene/ERcpEls.emaxEoiNepsreUtupTd/_notFRotl,eaUcnaIaLhiuRostDlt/ctLdeulaocih,es"bskat/dbTUaellc{"oencinlya,dxkkmblytnaaal}owgcdbo`whekdan)ne/cc;n(dckeUarl/seduidemjperrauanu"isltp,lt`_a,iliad`ss,SnneoeBtteudinaelavddma)eirlepadrbiilroeercittyURIfromenvironmentvariable

Summary

I hope this serves as a helpful reference for using Drupal OAuth.