stack-auth · fomalhautb · Sep 8, 2024 · Sep 8, 2024 · Sep 8, 2024 · Sep 9, 2024
diff --git a/apps/backend/prisma/migrations/20240926014352_uuid_provider_id/migration.sql b/apps/backend/prisma/migrations/20240926014352_uuid_provider_id/migration.sql
@@ -0,0 +1,2 @@
+-- Update existing records with new random UUIDs as strings
+UPDATE "OAuthProviderConfig" SET "id" = gen_random_uuid()::text;
diff --git a/apps/backend/prisma/seed.ts b/apps/backend/prisma/seed.ts
@@ -1,5 +1,6 @@
 import { prismaClient } from '@/prisma-client';
 import { PrismaClient } from '@prisma/client';
+import { typedFromEntries } from '@stackframe/stack-shared/dist/utils/objects';
 const prisma = new PrismaClient();
 
 
@@ -15,6 +16,7 @@ async function seed() {
   if (oldProject) {
     console.log('Internal project already exists, skipping its creation');
   } else {
+    const oauthConfigs = typedFromEntries((['github', 'spotify', 'google', 'microsoft'] as const).map((id) => [id, crypto.randomUUID()]));
     await prismaClient.$transaction(async (tx) => {
       const createdProject = await prisma.project.upsert({
         where: {
@@ -39,7 +41,7 @@ async function seed() {
               allowLocalhost: true,
               oauthProviderConfigs: {
                 create: (['github', 'spotify', 'google', 'microsoft'] as const).map((id) => ({
-                  id,
+                  id: oauthConfigs[id],
                   proxiedOAuthConfig: {
                     create: {
                       type: id.toUpperCase() as any,
@@ -90,7 +92,7 @@ async function seed() {
                 oauthProviderConfig: {
                   connect: {
                     projectConfigId_id: {
-                      id,
+                      id: oauthConfigs[id],
                       projectConfigId: createdProject.configId,
                     }
                   }
@@ -127,7 +129,7 @@ async function seed() {
             create: [{
               providerAccountId: adminGithubId,
               projectConfigId: createdProject.configId,
-              oauthProviderConfigId: 'github',
+              oauthProviderConfigId: oauthConfigs.github,
             }],
           },
         },

diff --git a/apps/backend/src/app/api/v1/internal/projects/crud.tsx b/apps/backend/src/app/api/v1/internal/projects/crud.tsx
@@ -43,6 +43,8 @@ export const internalProjectsCrudHandlers = createLazyProxy(() => createCrudHand
     const ownerPack = ownerPacks.find(p => p.has(user.id));
     const userIds = ownerPack ? [...ownerPack] : [user.id];
 
+    // TODO: ensure that the oauth configs are valid
+
     const result = await prismaClient.$transaction(async (tx) => {
       const project = await tx.project.create({
         data: {
@@ -63,19 +65,19 @@ export const internalProjectsCrudHandlers = createLazyProxy(() => createCrudHand
                   handlerPath: item.handler_path,
                 }))
               } : undefined,
-              oauthProviderConfigs: data.config?.oauth_providers ? {
-                create: data.config.oauth_providers.map(item => ({
+              oauthProviderConfigs: data.config?.oauth_provider_configs ? {
+                create: data.config.oauth_provider_configs.map(item => ({
                   id: item.id,
-                  proxiedOAuthConfig: item.type === "shared" ? {
+                  proxiedOAuthConfig: item.shared ? {
                     create: {
-                      type: typedToUppercase(ensureSharedProvider(item.id)),
+                      type: typedToUppercase(ensureSharedProvider(item.type)),
                     }
                   } : undefined,
-                  standardOAuthConfig: item.type === "standard" ? {
+                  standardOAuthConfig: !item.shared ? {
                     create: {
-                      type: typedToUppercase(ensureStandardProvider(item.id)),
-                      clientId: item.client_id ?? throwErr('client_id is required'),
-                      clientSecret: item.client_secret ?? throwErr('client_secret is required'),
+                      type: typedToUppercase(ensureStandardProvider(item.type)),
+                      clientId: item.client_id,
+                      clientSecret: item.client_secret,
                       facebookConfigId: item.facebook_config_id,
                       microsoftTenantId: item.microsoft_tenant_id,
                     }
@@ -118,35 +120,46 @@ export const internalProjectsCrudHandlers = createLazyProxy(() => createCrudHand
         },
         data: {
           authMethodConfigs: {
-            create: [
-              ...data.config?.oauth_providers ? project.config.oauthProviderConfigs.map(item => ({
-                enabled: (data.config?.oauth_providers?.find(p => p.id === item.id) ?? throwErr("oauth provider not found")).enabled,
-                oauthProviderConfig: {
-                  connect: {
-                    projectConfigId_id: {
-                      projectConfigId: project.config.id,
-                      id: item.id,
+            create: data.config?.auth_method_configs?.map(item => {
+              switch (item.type) {
+                case "oauth": {
+                  return {
+                    id: item.id,
+                    enabled: item.enabled,
+                    oauthProviderConfig: {
+                      connect: {
+                        projectConfigId_id: {
+                          id: item.oauth_provider_config_id,
+                          projectConfigId: project.config.id,
+                        }
+                      }
                     }
-                  }
+                  };
                 }
-              })) : [],
-              ...data.config?.magic_link_enabled ? [{
-                enabled: true,
-                otpConfig: {
-                  create: {
-                    contactChannelType: 'EMAIL',
-                  }
-                },
-              }] : [],
-              ...(data.config?.credential_enabled ?? true) ? [{
-                enabled: true,
-                passwordConfig: {
-                  create: {
-                    identifierType: 'EMAIL',
-                  }
-                },
-              }] : [],
-            ]
+                case "password": {
+                  return {
+                    id: item.id,
+                    enabled: item.enabled,
+                    passwordConfig: {
+                      create: {
+                        identifierType: 'EMAIL',
+                      }
+                    }
+                  };
+                }
+                case "otp": {
+                  return {
+                    id: item.id,
+                    enabled: item.enabled,
+                    otpConfig: {
+                      create: {
+                        contactChannelType: 'EMAIL',
+                      }
+                    }
+                  };
+                }
+              }
+            }),
           }
         }
       });
@@ -157,14 +170,14 @@ export const internalProjectsCrudHandlers = createLazyProxy(() => createCrudHand
           id: project.config.id,
         },
         data: {
-          connectedAccountConfigs: data.config?.oauth_providers ? {
-            create: project.config.oauthProviderConfigs.map(item => ({
-              enabled: (data.config?.oauth_providers?.find(p => p.id === item.id) ?? throwErr("oauth provider not found")).enabled,
+          connectedAccountConfigs: data.config?.connected_account_configs ? {
+            create: data.config.connected_account_configs.map(item => ({
+              enabled: item.enabled,
               oauthProviderConfig: {
                 connect: {
                   projectConfigId_id: {
                     projectConfigId: project.config.id,
-                    id: item.id,
+                    id: item.oauth_provider_config_id,
                   }
                 }
               }