Is there an equivalent of the v4 token.request callback for OAuth2 providers in next-auth v5?

[mike-axomic]

Hey all, apologies if this has been asked before but I've been search around and unable to find an answer.

I've had issues integrating with a keycloak provider when using a keycloak client that uses jwt for client authentication instead of a client secret.

In v4 of next-auth I was able to get this working by using the token.request function to override the post to keycloak to include the correct params for jwt based client authentication. For example including client_assertion_type and client_assertion to pass the params needed to convert a code into a token as per OAuth spec when using this type of client authentication.

Example for v4:

KeyCloakProvider({
      clientId: process.env.KEYCLOAK_CLIENT_ID || '',
      clientSecret: '',
      issuer: `${process.env.KEYCLOAK_ISSUER}/realms/myrealm`,
      token: {
          async request(context) {
              // implement custom token request here
          }
      }
})

Ideally I want to migrate to next-auth v5, but token.request doesn't seem to be a thing there (no type errors, but just gets ignored and never called). Is there a different way to hook into the code -> token request to the provider in v5? Or failing that is there a different way to implement jwt based keycloak client authentication with v5?

Many thanks!

Mike