nuxt-community · Intevel · Jan 14, 2022 · Jan 14, 2022 · Jan 14, 2022 · Jan 14, 2022
diff --git a/.gitignore b/.gitignore
@@ -10,3 +10,4 @@ dist
 package-lock.json
 _book
 temp
+demo/.env
diff --git a/docs/content/en/providers/laravel-jwt.md b/docs/content/en/providers/laravel-jwt.md
@@ -5,7 +5,6 @@ position: 36
 category: Providers
 ---
 
-
 [Source Code](https://github.com/nuxt-community/auth-module/blob/dev/src/providers/laravel-jwt.ts)
 
 This provider is for the [Laravel JWT](https://github.com/tymondesigns/jwt-auth). Please make sure to follow our guide on the route configuration on this page to avoid issues on the authentication.
@@ -114,7 +113,6 @@ Our provider will manage the refresh automatically based on the `token` life.
 
 The default `token` lifetime is `1 hour` and the `refreshToken` is `2 weeks` based on the config. Make sure that your Laravel JWT config matches our Auth Nuxt Laravel JWT config as shown below:
 
-
 ```js
 auth: {
   strategies: {

diff --git a/docs/content/en/providers/laravel-passport.md b/docs/content/en/providers/laravel-passport.md
@@ -38,7 +38,9 @@ this.$auth.loginWith('laravelPassport')
 These options are **REQUIRED**. The `url` is the location of your Laravel application. To obtain the `client_id` and `client_secret`, create a new client app in your [Laravel app](https://laravel.com/docs/passport#managing-clients).
 
 ### User endpoint
+
 `userInfo` endpoint is used to make requests using axios to fetch user data.
 
 ### Token Lifetimes
+
 By default, Passport issues long-lived access tokens that expire after one year. If you change their lifetime, don't forget to update [token max age](../schemes/oauth2#token-2) and [refresh token max age](../schemes/oauth2#refreshtoken).
diff --git a/docs/content/en/providers/laravel-sanctum.md b/docs/content/en/providers/laravel-sanctum.md
@@ -59,4 +59,3 @@ this.$auth.loginWith('laravelSanctum', {
 ```
 
 💁 This provider is based on [cookie scheme](../schemes/cookie) and supports all scheme options.
-
diff --git a/src/providers/google.ts b/src/providers/google.ts
@@ -12,6 +12,7 @@ export function google(
 ): void {
   const DEFAULTS: typeof strategy = {
     scheme: 'oauth2',
+    codeChallengeMethod: '',
     endpoints: {
       authorization: 'https://accounts.google.com/o/oauth2/auth',
       userInfo: 'https://www.googleapis.com/oauth2/v3/userinfo'

diff --git a/src/schemes/oauth2.ts b/src/schemes/oauth2.ts
@@ -57,7 +57,7 @@ export interface Oauth2SchemeOptions
   clientId: string | number
   scope: string | string[]
   state: string
-  codeChallengeMethod: 'implicit' | 'S256' | 'plain'
+  codeChallengeMethod: 'implicit' | 'S256' | 'plain' | ''
   acrValues: string
   audience: string
   autoLogout: boolean
@@ -259,7 +259,7 @@ export class Oauth2Scheme<
     // Set Nonce Value if response_type contains id_token to mitigate Replay Attacks
     // More Info: https://openid.net/specs/openid-connect-core-1_0.html#NonceNotes
     // More Info: https://tools.ietf.org/html/draft-ietf-oauth-v2-threatmodel-06#section-4.6.2
-    if (opts.response_type.includes('token')) {
+    if (opts.response_type.includes('id_token')) {
       opts.nonce = _opts.nonce || randomString(10)
     }
-Original file line number
+Diff line change
@@ Expand Up / @@ -10,3 +10,4 @@ dist @@
     package-lock.json
     _book
     temp
+    demo/.env
Original file line number	Diff line number	Diff line change
Expand Up		@@ -59,4 +59,3 @@ this.$auth.loginWith('laravelSanctum', {
		```

		💁 This provider is based on [cookie scheme](../schemes/cookie) and supports all scheme options.