fix: github provider should infer redirect_uri

demo/nextjs/lib/auth.ts

@@ -4,14 +4,11 @@ import { reactInvitationEmail } from "./email/invitation";
 import { LibsqlDialect } from "@libsql/kysely-libsql";
 import { reactResetPasswordEmail } from "./email/rest-password";
 import { resend } from "./email/resend";
-
+import Database from "better-sqlite3";
 const from = process.env.BETTER_AUTH_EMAIL || "delivered@resend.dev";
 const to = process.env.TEST_EMAIL || "";
 export const auth = betterAuth({
-	database: new LibsqlDialect({
+	database: new Database("better-auth.db"),
-		url: process.env.TURSO_DATABASE_URL || "",
-		authToken: process.env.TURSO_AUTH_TOKEN || "",
-	}),
 	emailAndPassword: {
 		enabled: true,
 		async sendResetPassword(url, user) {

demo/nextjs/package.json

@@ -45,8 +45,10 @@
     "@react-email/components": "^0.0.25",
     "@react-three/fiber": "^8.17.7",
     "@tanstack/react-query": "^5.56.2",
+    "@types/better-sqlite3": "^7.6.11",
     "better-auth": "workspace:*",
     "better-call": "0.2.3-beta.2",
+    "better-sqlite3": "^11.3.0",
     "class-variance-authority": "^0.7.0",
     "clsx": "^2.1.1",
     "cmdk": "1.0.0",

packages/better-auth/src/api/routes/callback.ts

@@ -69,7 +69,6 @@ export const callbackOAuth = createAuthEndpoint(
 			...user,
 			id,
 		});
-		console.log({ user, data });
 		const parsedState = parseState(c.query.state);
 		if (!parsedState.success) {
 			c.context.logger.error("Unable to parse state");

packages/better-auth/src/social-providers/github.ts

@@ -1,7 +1,7 @@
 import { betterFetch } from "@better-fetch/fetch";
 import { GitHub } from "arctic";
 import type { OAuthProvider, ProviderOptions } from ".";
-import { getRedirectURI } from "./utils";
+import { getRedirectURI, validateAuthorizationCode } from "./utils";
 
 export interface GithubProfile {
 	login: string;
@@ -53,26 +53,27 @@ export interface GithubProfile {
 }
 
 export interface GithubOptions extends ProviderOptions {}
-export const github = ({
+export const github = (options: GithubOptions) => {
-	clientId,
-	clientSecret,
-	scope,
-	redirectURI,
-}: GithubOptions) => {
 	const githubArctic = new GitHub(
-		clientId,
+		options.clientId,
-		clientSecret,
+		options.clientSecret,
-		getRedirectURI("github", redirectURI),
+		getRedirectURI("github", options.redirectURI),
 	);
+	const tokenEndpoint = "https://github.com/login/oauth/access_token";
 	return {
 		id: "github",
 		name: "Github",
 		createAuthorizationURL({ state, scopes }) {
-			const _scopes = scope || scopes || ["user:email"];
+			const _scopes = options.scope || scopes || ["user:email"];
 			return githubArctic.createAuthorizationURL(state, _scopes);
 		},
-		validateAuthorizationCode: async (state) => {
+		validateAuthorizationCode: async (code, _, redirect) => {
-			return await githubArctic.validateAuthorizationCode(state);
+			return validateAuthorizationCode({
+				code,
+				redirectURI: options.redirectURI || getRedirectURI("google", redirect),
+				options,
+				tokenEndpoint,
+			});
 		},
 		async getUserInfo(token) {
 			const { data: profile, error } = await betterFetch<GithubProfile>(

pnpm-lock.yaml

@@ -149,12 +149,18 @@ importers:
       '@tanstack/react-query':
         specifier: ^5.56.2
         version: 5.56.2(react@19.0.0-rc-7771d3a7-20240827)
+      '@types/better-sqlite3':
+        specifier: ^7.6.11
+        version: 7.6.11
       better-auth:
         specifier: workspace:*
         version: link:../../packages/better-auth
       better-call:
         specifier: 0.2.3-beta.2
         version: 0.2.3-beta.2
+      better-sqlite3:
+        specifier: ^11.3.0
+        version: 11.3.0
       class-variance-authority:
         specifier: ^0.7.0
         version: 0.7.0