Nick Posts - Answer Overflow

Nick

•Created by Nick on 3/27/2025 in #help

Get access to genericOAuth profile in customSession

Hi everyone, I have some user groups in keycloak and want to pass them to session.user. The groups are in the genericOAuth profile, as passed to mapProfileToUser. How can I access profile.groups from customSession? Thanks!

const clientOptions = {
    baseUrl: process.env.NEXT_PUBLIC_BASE_URL!,
    database: mongodbAdapter(db),
    plugins: [
        genericOAuth({
            config: [
                {
                    providerId: "keycloak",
                    clientId: process.env.AUTH_KEYCLOAK_ID!,
                    clientSecret: process.env.AUTH_KEYCLOAK_SECRET!,
                    discoveryUrl: `${process.env.AUTH_KEYCLOAK_ISSUER!}/.well-known/openid-configuration`,
                    scopes: ["basic", "offline_access", "openid", "profile", "email"],
                    redirectURI: `${process.env.NEXT_PUBLIC_BASE_URL}/api/auth/oauth2/callback/keycloak`,
                    mapProfileToUser(profile) {
                        const companyGroup = profile?.groups?.find((g: string) => g.includes("/companies/"));
                        const company = companyGroup?.split("/")[companyGroup?.split("/").length - 1]
                        return {
                            ...profile,
                            company,
                        };
                    },
                }
            ]
        }),
        customSession(async ({ user, session }) => {
            // How do I get genericOAuth profile info here??????

            return {
                user: {
                    ...user,
                    // company: profile.company
                },
                session
            };
        }),
        nextCookies(),
    ],
    account: {
        accountLinking: {
            enabled: true,
            trustedProviders: ["keycloak"]
        }
    },
    session: {
        cookieCache: {
            enabled: true,
            maxAge: 3 * 60,
        },
    },
};

export const auth = betterAuth(clientOptions);

const clientOptions = {
    baseUrl: process.env.NEXT_PUBLIC_BASE_URL!,
    database: mongodbAdapter(db),
    plugins: [
        genericOAuth({
            config: [
                {
                    providerId: "keycloak",
                    clientId: process.env.AUTH_KEYCLOAK_ID!,
                    clientSecret: process.env.AUTH_KEYCLOAK_SECRET!,
                    discoveryUrl: `${process.env.AUTH_KEYCLOAK_ISSUER!}/.well-known/openid-configuration`,
                    scopes: ["basic", "offline_access", "openid", "profile", "email"],
                    redirectURI: `${process.env.NEXT_PUBLIC_BASE_URL}/api/auth/oauth2/callback/keycloak`,
                    mapProfileToUser(profile) {
                        const companyGroup = profile?.groups?.find((g: string) => g.includes("/companies/"));
                        const company = companyGroup?.split("/")[companyGroup?.split("/").length - 1]
                        return {
                            ...profile,
                            company,
                        };
                    },
                }
            ]
        }),
        customSession(async ({ user, session }) => {
            // How do I get genericOAuth profile info here??????

            return {
                user: {
                    ...user,
                    // company: profile.company
                },
                session
            };
        }),
        nextCookies(),
    ],
    account: {
        accountLinking: {
            enabled: true,
            trustedProviders: ["keycloak"]
        }
    },
    session: {
        cookieCache: {
            enabled: true,
            maxAge: 3 * 60,
        },
    },
};

export const auth = betterAuth(clientOptions);

5 replies

Gaming

Programming