From f8461bd24c44c857ff87b3dc95b8945e6bebb5bf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9s=20Olivares?=
Date: Wed, 5 Feb 2025 09:57:30 +0100
Subject: [PATCH 1/2] Downgrade requested OAuth scope of TikTok provider The provider is currently requesting a token with `user.info.profile` scope, which is more restrictive than `user.info.basic`. The latter is the one provided by default by the TikTok Login kit and as such, should be the one used for authentication purposes with TikTok. The user info requested by the provider is also covered by the `user.info.basic` scope. For this reason, this PR changes the requested scope to `user.info.basic`.
---
 packages/core/src/providers/tiktok.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/packages/core/src/providers/tiktok.ts b/packages/core/src/providers/tiktok.ts
index bb60110b13..8a32cca843 100644
--- a/packages/core/src/providers/tiktok.ts
+++ b/packages/core/src/providers/tiktok.ts
@@ -293,7 +293,7 @@ export default function TikTok(
 url: "https://www.tiktok.com/v2/auth/authorize",
 params: {
 client_key: options.clientId,
- scope: "user.info.profile",
+ scope: "user.info.basic",
 },
 },
From 016402e78585ff682ca26f6af97021bdf678e113 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9s=20Olivares?=
Date: Thu, 6 Feb 2025 09:08:55 +0100
Subject: [PATCH 2/2] Update tiktok.ts Do not request user_name
---
 packages/core/src/providers/tiktok.ts | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/packages/core/src/providers/tiktok.ts b/packages/core/src/providers/tiktok.ts
index 8a32cca843..9426f2da46 100644
--- a/packages/core/src/providers/tiktok.ts
+++ b/packages/core/src/providers/tiktok.ts
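Review bot: In patch 1/2, the new `scope: "user.info.basic"` value and the `fields=` list in the `userinfo` URL further down the provider have to stay in step, and nothing at the scope line records that dependency. With only this patch applied the URL still asks for `username`, which 2/2 then removes, presumably because that field is outside `user.info.basic`; squashing the two commits would avoid an intermediate state that requests a field the token may not cover. I would add a comment above the scope line such as `// Least-privilege default: covers open_id, avatar_url and display_name; widen it only together with the userinfo fields`. The enclosing object literal and the `TikTok` function start outside this hunk.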
@@ -299,14 +299,15 @@ export default function TikTok(
 token: "https://open.tiktokapis.com/v2/oauth/token/",
 userinfo:
- "https://open.tiktokapis.com/v2/user/info/?fields=open_id,avatar_url,display_name,username",
+ "https://open.tiktokapis.com/v2/user/info/?fields=open_id,avatar_url,display_name",
 profile(profile) {
 return {
 id: profile.data.user.open_id,
 name: profile.data.user.display_name,
 image: profile.data.user.avatar_url,
- email: profile.data.user.email || profile.data.user.username || null,
+ // Email address is not supported by TikTok.
+ email: null,
 }
 },
 style: {
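Review bot: The comment added above `email: null` does not say that earlier releases could put a TikTok handle in this field, which is what the removed line `profile.data.user.email || profile.data.user.username || null` did. Any user record written before this change may still hold a username where an e-mail is expected, and a handle is not a verified address, so such values should not be relied on for account linking or notifications. I would extend the comment to `// TikTok does not return an email address. Older versions stored the username here; treat existing values as unverified handles.` and mention the behaviour change in the release notes. Separately, `profile.data.user` is dereferenced without a guard, so a user-info response that carries no `user` object would throw inside `profile()`; whether that can occur depends on the API's error shape, which is not visible here. The enclosing `TikTok` function starts and ends outside the hunk.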