-
Notifications
You must be signed in to change notification settings - Fork 84
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: oauth2 core integration #916
base: 21.0
Are you sure you want to change the base?
Conversation
* feat: Add recipe functions to update/delete OAuth2Client * fix: PR changes
* feat: Add recipe functions to update/delete OAuth2Client * fix: PR changes * feat: Add recipe functions to get OAuth2Clients * fix: PR changes --------- Co-authored-by: Mihaly Lengyel <[email protected]>
* feat: add initial oauth2 client apis * feat: Add an api to get login info * fix: merge issues and FE path * fix: WIP fix for CSRF and redirection issues * fix: OAuth2 fixes and test-server updates (#871) * feat: update oauth2 login info endpoint types to match our general patterns * fix: make login flow work * feat!: improve how we handle changing email addresses and users becoming unverified when account linking requires verification (#869) * feat: update email and pw change logic and add more security checks * feat: update error messages * refactor: improve debug logs and clarify conditions * chore: update changelog * chore: empty line from changelog * refactor: remove duplicated check and bypass mapping for already mapped errcodes * chore: update changelog * feat: call isEmailChangeAllowed in pwless updateUser (#875) * feat: call isEmailChangeAllowed in pwless updateUser * test: add updateUser to test-server * chore: remove unnecessary item from changelog * chore: extend changelog to mention exact function names * test: add logging to default overrides in test-server (#876) * fix: circular dependency * fix: fix types in oauth2 index exposed functions * feat: add token building callbacks * test: move the session object and claims to the BE sdk server (#879) * fixes issue of refresh not clearing tokens * adding dev-v18.0.2 tag to this commit to ensure building --------- Co-authored-by: Ankit Tiwari <[email protected]> Co-authored-by: rishabhpoddar <[email protected]>
* feat: add initial oauth2 client apis * feat: Add an api to get login info * fix: merge issues and FE path * fix: WIP fix for CSRF and redirection issues * fix: OAuth2 fixes and test-server updates (#871) * feat: update oauth2 login info endpoint types to match our general patterns * fix: make login flow work * fix: circular dependency * feat: Add OAuth2Client recipe * fix: PR changes * fix: PR changes * fix: PR changes * fix: use correct userContext type --------- Co-authored-by: Mihaly Lengyel <[email protected]>
* fix: Remove internal redirects in the OAuth2 flow * fix: PR changes
* feat: add initial oauth2 client apis * feat: Add an api to get login info * fix: merge issues and FE path * fix: WIP fix for CSRF and redirection issues * fix: OAuth2 fixes and test-server updates (#871) * feat: update oauth2 login info endpoint types to match our general patterns * fix: make login flow work * fix: circular dependency * feat: Add OAuth2Client recipe * fix: PR changes * fix: PR changes * fix: PR changes * feat: Add userInfoGET endpoint * fix: PR changes * fix: PR changes * fix: PR changes --------- Co-authored-by: Mihaly Lengyel <[email protected]>
…-node into feat/oauth2/base
* feat: Add token revocation endpoint * fix: PR changes * fix: PR changes * fix: PR changes * fix: PR changes * fix: PR changes * fix: Add revocation_endpoint
* feat: Add token revocation endpoint * fix: PR changes * fix: PR changes * fix: PR changes * fix: PR changes * feat: Add token introspection endpoint * fix: PR changes * fix: Add revocation_endpoint * fix: PR changes * fix: merge issue --------- Co-authored-by: Mihaly Lengyel <[email protected]>
…overwriteSessionDuringSignInUp deafult to true (#909) * feat: add shouldTryLinkingWithSessionUser flag * feat: add tryLinkingWithSessionUser, forceFreshAuth and small test fixes * fix: test server compatible with 1.17/2.0 (#897) * fix: test server compatible with 1.17 * fix: pr comments * fix: mfa claim * fix: version and changelog * fix: using version function for comparision * fix: circle ci scripts * fix: circle ci testing * fix: circle ci testing * fix: circle ci testing * fix: test server * fix: circle ci restore * adding dev-v20.0.1 tag to this commit to ensure building * fix: config (#905) * adding dev-v20.0.1 tag to this commit to ensure building * feat: prompt param fixing * refactors an exception case * feat: validate max_age * fix: make shouldDoAutomaticAccountLinking properly get the primary user when linking to oldest user (#907) * adding dev-v20.0.2 tag to this commit to ensure building * feat: make shouldTryLinkingWithSessionUser optional in FDI3.1 * feat: fix tryLinkingImplementation and change degault for overwriteSessionDuringSignInUp --------- Co-authored-by: Sattvik Chakravarthy <[email protected]> Co-authored-by: Sattvik Chakravarthy <[email protected]> Co-authored-by: rishabhpoddar <[email protected]>
new NormalisedURLPath(`/recipe/oauth2/pub/token`), | ||
body, | ||
new NormalisedURLPath(`/recipe/oauth/token`), | ||
{ body, iss: await this.getIssuer({ userContext: input.userContext }) }, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we should rename the body
parameter (let's discuss this in the core PR comments)
@@ -312,19 +315,20 @@ export default function getRecipeInterface( | |||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we should remove the above workaround and pass the token payloads as params to the core call instead of calling saveTokensForHook
(which should be removed)
Summary of change
(A few sentences about this PR)
Related issues
Test Plan
(Write your test plan here. If you changed any code, please provide us with clear instructions on how you verified your changes work. Bonus points for screenshots and videos!)
Documentation changes
(If relevant, please create a PR in our docs repo, or create a checklist here highlighting the necessary changes)
Checklist for important updates
coreDriverInterfaceSupported.json
file has been updated (if needed)lib/ts/version.ts
frontendDriverInterfaceSupported.json
file has been updated (if needed)package.json
package-lock.json
lib/ts/version.ts
npm run build-pretty
recipe/thirdparty/providers/configUtils.ts
file,createProvider
function.git tag
) in the formatvX.Y.Z
, and then find the latest branch (git branch --all
) whoseX.Y
is greater than the latest released tag.add-ts-no-check.js
file to include thatsomeFunc: function () {..}
).exports
inpackage.json
Remaining TODOs for this PR