feat: oauth2 core integration #916
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* feat: Add recipe functions to update/delete OAuth2Client * fix: PR changes
* feat: Add recipe functions to update/delete OAuth2Client * fix: PR changes * feat: Add recipe functions to get OAuth2Clients * fix: PR changes --------- Co-authored-by: Mihaly Lengyel <[email protected]>
* feat: add initial oauth2 client apis * feat: Add an api to get login info * fix: merge issues and FE path * fix: WIP fix for CSRF and redirection issues * fix: OAuth2 fixes and test-server updates (#871) * feat: update oauth2 login info endpoint types to match our general patterns * fix: make login flow work * feat!: improve how we handle changing email addresses and users becoming unverified when account linking requires verification (#869) * feat: update email and pw change logic and add more security checks * feat: update error messages * refactor: improve debug logs and clarify conditions * chore: update changelog * chore: empty line from changelog * refactor: remove duplicated check and bypass mapping for already mapped errcodes * chore: update changelog * feat: call isEmailChangeAllowed in pwless updateUser (#875) * feat: call isEmailChangeAllowed in pwless updateUser * test: add updateUser to test-server * chore: remove unnecessary item from changelog * chore: extend changelog to mention exact function names * test: add logging to default overrides in test-server (#876) * fix: circular dependency * fix: fix types in oauth2 index exposed functions * feat: add token building callbacks * test: move the session object and claims to the BE sdk server (#879) * fixes issue of refresh not clearing tokens * adding dev-v18.0.2 tag to this commit to ensure building --------- Co-authored-by: Ankit Tiwari <[email protected]> Co-authored-by: rishabhpoddar <[email protected]>
* feat: add initial oauth2 client apis * feat: Add an api to get login info * fix: merge issues and FE path * fix: WIP fix for CSRF and redirection issues * fix: OAuth2 fixes and test-server updates (#871) * feat: update oauth2 login info endpoint types to match our general patterns * fix: make login flow work * fix: circular dependency * feat: Add OAuth2Client recipe * fix: PR changes * fix: PR changes * fix: PR changes * fix: use correct userContext type --------- Co-authored-by: Mihaly Lengyel <[email protected]>
* fix: Remove internal redirects in the OAuth2 flow * fix: PR changes
* feat: add initial oauth2 client apis * feat: Add an api to get login info * fix: merge issues and FE path * fix: WIP fix for CSRF and redirection issues * fix: OAuth2 fixes and test-server updates (#871) * feat: update oauth2 login info endpoint types to match our general patterns * fix: make login flow work * fix: circular dependency * feat: Add OAuth2Client recipe * fix: PR changes * fix: PR changes * fix: PR changes * feat: Add userInfoGET endpoint * fix: PR changes * fix: PR changes * fix: PR changes --------- Co-authored-by: Mihaly Lengyel <[email protected]>
…-node into feat/oauth2/base
* feat: Add token revocation endpoint * fix: PR changes * fix: PR changes * fix: PR changes * fix: PR changes * fix: PR changes * fix: Add revocation_endpoint
* feat: Add token revocation endpoint * fix: PR changes * fix: PR changes * fix: PR changes * fix: PR changes * feat: Add token introspection endpoint * fix: PR changes * fix: Add revocation_endpoint * fix: PR changes * fix: merge issue --------- Co-authored-by: Mihaly Lengyel <[email protected]>
…overwriteSessionDuringSignInUp deafult to true (#909) * feat: add shouldTryLinkingWithSessionUser flag * feat: add tryLinkingWithSessionUser, forceFreshAuth and small test fixes * fix: test server compatible with 1.17/2.0 (#897) * fix: test server compatible with 1.17 * fix: pr comments * fix: mfa claim * fix: version and changelog * fix: using version function for comparision * fix: circle ci scripts * fix: circle ci testing * fix: circle ci testing * fix: circle ci testing * fix: test server * fix: circle ci restore * adding dev-v20.0.1 tag to this commit to ensure building * fix: config (#905) * adding dev-v20.0.1 tag to this commit to ensure building * feat: prompt param fixing * refactors an exception case * feat: validate max_age * fix: make shouldDoAutomaticAccountLinking properly get the primary user when linking to oldest user (#907) * adding dev-v20.0.2 tag to this commit to ensure building * feat: make shouldTryLinkingWithSessionUser optional in FDI3.1 * feat: fix tryLinkingImplementation and change degault for overwriteSessionDuringSignInUp --------- Co-authored-by: Sattvik Chakravarthy <[email protected]> Co-authored-by: Sattvik Chakravarthy <[email protected]> Co-authored-by: rishabhpoddar <[email protected]>
porcellus
requested changes
Aug 27, 2024
| new NormalisedURLPath(`/recipe/oauth2/pub/token`), | ||
| body, | ||
| new NormalisedURLPath(`/recipe/oauth/token`), | ||
| { body, iss: await this.getIssuer({ userContext: input.userContext }) }, |
There was a problem hiding this comment.
I think we should rename the body parameter (let's discuss this in the core PR comments)
| @@ -312,19 +315,20 @@ export default function getRecipeInterface( | |||
| } | |||
There was a problem hiding this comment.
we should remove the above workaround and pass the token payloads as params to the core call instead of calling saveTokensForHook (which should be removed)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary of change
(A few sentences about this PR)
Related issues
Test Plan
(Write your test plan here. If you changed any code, please provide us with clear instructions on how you verified your changes work. Bonus points for screenshots and videos!)
Documentation changes
(If relevant, please create a PR in our docs repo, or create a checklist here highlighting the necessary changes)
Checklist for important updates
coreDriverInterfaceSupported.jsonfile has been updated (if needed)lib/ts/version.tsfrontendDriverInterfaceSupported.jsonfile has been updated (if needed)package.jsonpackage-lock.jsonlib/ts/version.tsnpm run build-prettyrecipe/thirdparty/providers/configUtils.tsfile,createProviderfunction.git tag) in the formatvX.Y.Z, and then find the latest branch (git branch --all) whoseX.Yis greater than the latest released tag.add-ts-no-check.jsfile to include thatsomeFunc: function () {..}).exportsinpackage.jsonRemaining TODOs for this PR