From 124539007e818937fde2cc7c495f8413f3b6dff4 Mon Sep 17 00:00:00 2001 From: Vedant Singh <59195118+rsvedant@users.noreply.github.com> Date: Mon, 8 Sep 2025 17:07:58 -0700 Subject: [PATCH 1/3] fix(init-stack): use correct package add commands for bun and pnpm (#886) --- packages/init-stack/src/index.ts | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/packages/init-stack/src/index.ts b/packages/init-stack/src/index.ts index 00cbb34fe..0ef306fb1 100644 --- a/packages/init-stack/src/index.ts +++ b/packages/init-stack/src/index.ts @@ -234,8 +234,19 @@ async function main(): Promise { // Install dependencies console.log(); console.log(colorize.bold`Installing dependencies...`); - const installCommand = packageManager === "yarn" ? "yarn add" : `${packageManager} install`; - await shellNicelyFormatted(`${installCommand} ${packagesToInstall.join(' ')}`, { + const installCommandMap = new Map([ + ["npm", "npm install"], + ["yarn", "yarn add"], + ["pnpm", "pnpm add"], + ["bun", "bun add"], + ]); + const installCommand = installCommandMap.get(packageManager) ?? `${packageManager} install`; + // Quote each package name to avoid shell interpretation of env-overridden values. + const safePackages = packagesToInstall.map((p) => JSON.stringify(p)); + await shellNicelyFormatted(`${installCommand} ${safePackages.join(' ')}`, { + shell: true, + cwd: projectPath, + }); shell: true, cwd: projectPath, }); From 90411e29dff6c1447edf69894df68c8b8bd47904 Mon Sep 17 00:00:00 2001 From: Konstantin Wohlwend Date: Mon, 8 Sep 2025 22:17:33 -0700 Subject: [PATCH 2/3] Better OAuth error logging --- .../[user_id]/[provider_id]/access-token/crud.tsx | 4 ++-- apps/backend/src/oauth/providers/github.tsx | 2 ++ packages/stack-shared/src/utils/jwt.tsx | 12 ++++++++++++ 3 files changed, 16 insertions(+), 2 deletions(-) diff --git a/apps/backend/src/app/api/latest/connected-accounts/[user_id]/[provider_id]/access-token/crud.tsx b/apps/backend/src/app/api/latest/connected-accounts/[user_id]/[provider_id]/access-token/crud.tsx index 824ccdda6..093a52a0d 100644 --- a/apps/backend/src/app/api/latest/connected-accounts/[user_id]/[provider_id]/access-token/crud.tsx +++ b/apps/backend/src/app/api/latest/connected-accounts/[user_id]/[provider_id]/access-token/crud.tsx @@ -111,14 +111,14 @@ export const connectedAccountAccessTokenCrudHandlers = createLazyProxy(() => cre scope: data.scope, }); } catch (error) { - captureError('oauth-access-token-refresh-error', { + captureError('oauth-access-token-refresh-error', new StackAssertionError('Error refreshing access token — this might be nothing bad and the refresh token might just be expired, but we should instead of throwing an error check whether this is a legit error or not', { error, tenancyId: auth.tenancy.id, providerId: params.provider_id, userId: params.user_id, refreshToken: token.refreshToken, scope: data.scope, - }); + })); // mark the token as invalid await prisma.oAuthToken.update({ diff --git a/apps/backend/src/oauth/providers/github.tsx b/apps/backend/src/oauth/providers/github.tsx index 23b7ab980..260109bac 100644 --- a/apps/backend/src/oauth/providers/github.tsx +++ b/apps/backend/src/oauth/providers/github.tsx @@ -1,5 +1,6 @@ import { getEnvVariable } from "@stackframe/stack-shared/dist/utils/env"; import { StackAssertionError, StatusError } from "@stackframe/stack-shared/dist/utils/errors"; +import { getJwtInfo } from "@stackframe/stack-shared/dist/utils/jwt"; import { OAuthUserInfo, validateUserInfo } from "../utils"; import { OAuthBaseProvider, TokenSet } from "./base"; @@ -42,6 +43,7 @@ export class GithubProvider extends OAuthBaseProvider { hasAccessToken: !!tokenSet.accessToken, hasRefreshToken: !!tokenSet.refreshToken, accessTokenExpiredAt: tokenSet.accessTokenExpiredAt, + jwtInfo: await getJwtInfo({ jwt: tokenSet.accessToken }), }); } const rawUserInfo = await rawUserInfoRes.json(); diff --git a/packages/stack-shared/src/utils/jwt.tsx b/packages/stack-shared/src/utils/jwt.tsx index 08c701c98..0939a0056 100644 --- a/packages/stack-shared/src/utils/jwt.tsx +++ b/packages/stack-shared/src/utils/jwt.tsx @@ -7,6 +7,7 @@ import { getEnvVariable } from "./env"; import { StackAssertionError } from "./errors"; import { globalVar } from "./globals"; import { pick } from "./objects"; +import { Result } from "./results"; function getStackServerSecret() { const STACK_SERVER_SECRET = getEnvVariable("STACK_SERVER_SECRET"); @@ -18,6 +19,17 @@ function getStackServerSecret() { return STACK_SERVER_SECRET; } +export async function getJwtInfo(options: { + jwt: string, +}) { + try { + const decodedJwt = jose.decodeJwt(options.jwt); + return Result.ok({ payload: decodedJwt }); + } catch (e) { + return Result.error(e); + } +} + export async function signJWT(options: { issuer: string, audience: string, From 389fdefe5570968ac92f8abe85adac85cd085d5c Mon Sep 17 00:00:00 2001 From: Konstantin Wohlwend Date: Mon, 8 Sep 2025 22:18:35 -0700 Subject: [PATCH 3/3] Fix weird formatting --- packages/init-stack/src/index.ts | 3 --- 1 file changed, 3 deletions(-) diff --git a/packages/init-stack/src/index.ts b/packages/init-stack/src/index.ts index 0ef306fb1..11059a178 100644 --- a/packages/init-stack/src/index.ts +++ b/packages/init-stack/src/index.ts @@ -247,9 +247,6 @@ async function main(): Promise { shell: true, cwd: projectPath, }); - shell: true, - cwd: projectPath, - }); await capture(`dependencies-installed`, { packageManager,