> [!IMPORTANT]
> Add CRUD operations for OAuth providers, update schemas and error
handling, and include tests for new functionality.
>
> - **Behavior**:
> - Adds CRUD operations for OAuth providers in `client-interface.ts`
and `server-interface.ts`.
> - Introduces `oauthProviderCrud` in `oauth-providers.ts` for managing
OAuth provider data.
> - Updates `schema-fields.ts` to include new schemas for OAuth provider
attributes.
> - Adds error handling for OAuth provider operations in
`known-errors.tsx`.
> - **Schema**:
> - Defines `oauthProviderCrudClientUpdateSchema`,
`oauthProviderCrudServerUpdateSchema`, and
`oauthProviderCrudServerCreateSchema` in `oauth-providers.ts`.
> - Updates `projects.ts` to include `oauthProviderReadSchema` and
`oauthProviderWriteSchema`.
> - **Tests**:
> - Adds tests for OAuth provider CRUD operations in
`oauth-providers.test.ts`.
> - **Misc**:
> - Renames `oauth.ts` to `connected-accounts.ts` in `crud` directory.
> - Updates `projects.test.ts` to include `provider_config_id` in OAuth
provider configurations.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for bca9bcf12b. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add CRUD operations for OAuth providers, update schemas, handle
errors, and include tests.
>
> - **Behavior**:
> - Adds CRUD operations for OAuth providers in `client-interface.ts`
and `server-interface.ts`.
> - Introduces `oauthProviderCrud` in `oauth-providers.ts` for managing
OAuth provider data.
> - Updates `schema-fields.ts` to include new schemas for OAuth provider
attributes.
> - Adds error handling for OAuth provider operations in
`known-errors.tsx`.
> - **Schema**:
> - Defines `oauthProviderCrudClientUpdateSchema`,
`oauthProviderCrudServerUpdateSchema`, and
`oauthProviderCrudServerCreateSchema` in `oauth-providers.ts`.
> - Updates `projects.ts` to include `oauthProviderReadSchema` and
`oauthProviderWriteSchema`.
> - **Tests**:
> - Adds tests for OAuth provider CRUD operations in
`oauth-providers.test.ts`.
> - **Misc**:
> - Renames `oauth.ts` to `connected-accounts.ts` in `crud` directory.
> - Updates `projects.test.ts` to include `provider_config_id` in OAuth
provider configurations.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for aaa55f7d5c. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add E2E tests for OAuth token refresh, update OAuth provider for
consent prompt, and enhance mock server with token revocation.
>
> - **E2E Tests**:
> - Add tests in `connected-accounts.test.ts` to verify access token
usage, refresh on revocation, and re-authorization prompt on refresh
token revocation.
> - **OAuth Provider**:
> - Add `prompt: "consent"` to `getAuthorizationUrl()` in `base.tsx`.
> - Update `MockProvider` in `mock.tsx` to include `offline_access` in
`baseScope`.
> - **Mock OAuth Server**:
> - Add token revocation endpoints in `index.ts` for access and refresh
tokens.
> - Implement in-memory storage for revoked tokens in `index.ts`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for abc2ea3de7. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
…oken validity handling in CRUD operations
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Enhances OAuth token handling by adding validity checks, marking
invalid tokens, and attempting token refreshes in `crud.tsx`.
>
> - **Behavior**:
> - Adds `isValid` column to `OAuthAccessToken` and `OAuthToken` in
`migration.sql` and `schema.prisma`.
> - In `crud.tsx`, filters tokens by `isValid` status and marks them
invalid if server-side checks fail.
> - Attempts to refresh tokens if no valid access token is found,
logging errors and marking refresh tokens invalid if refresh fails.
> - **Error Handling**:
> - Uses `captureError` to log token refresh errors in `crud.tsx`.
> - **Misc**:
> - Imports `TokenSet` and `captureError` in `crud.tsx`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for a45b64f98e. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
<!-- ELLIPSIS_HIDDEN -->
> [!IMPORTANT]
> Improves email sending error handling in `emails.tsx` by introducing
`StatusError` and a centralized error handling function for consistent
and user-friendly error reporting.
>
> - **Error Handling**:
> - Introduced `StatusError` for better error reporting in `emails.tsx`.
> - Added `handleError` function in `sendEmail()` to log errors and
throw `StatusError` with a user-friendly message.
> - **Email Sending Logic**:
> - Updated `sendEmail()` to use `handleError` for consistent error
handling.
> - Ensures retries for transient errors and logs specific errors for
shared email configurations.
> - **Misc**:
> - Minor refactoring in `sendEmail()` to improve code clarity and
maintainability.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for b6dad5dac1. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
Added GET and PATCH endpoint for Neon managed project with
`secret-admin-key` auth. The API handler is same as internal projects
API - `/internal/projects/current`
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Enhances OAuth error handling by adding access token validity checks
and improving token refresh logic across multiple providers.
>
> - **Behavior**:
> - Adds `checkAccessTokenValidity()` method to `OAuthBaseProvider` and
implements it in `AppleProvider`, `BitbucketProvider`,
`DiscordProvider`, `FacebookProvider`, `GithubProvider`,
`GitlabProvider`, `GoogleProvider`, `LinkedInProvider`,
`MicrosoftProvider`, `MockProvider`, `SpotifyProvider`, and `XProvider`.
> - In `crud.tsx`, checks token validity before returning it, and
refreshes if invalid.
> - **Error Handling**:
> - In `GithubProvider`, throws `StatusError` for 403 errors when
fetching user emails due to missing permissions.
> - **Misc**:
> - Imports `StatusError` in `github.tsx`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for de143b1a92. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Normalize email addresses in user and contact channel creation and
update processes using `normalizeEmail()` function.
>
> - **Behavior**:
> - Normalize emails in `onCreate` and `onUpdate` functions in
`contact-channels/crud.tsx` and `users/crud.tsx` using
`normalizeEmail()`.
> - Handles email normalization for 'gmail.com', 'googlemail.com', and
'live.com' by removing dots.
> - Throws error for invalid email formats in `normalizeEmail()` in
`emails.tsx`.
> - **Functions**:
> - Adds `normalizeEmail()` in `emails.tsx` to standardize email
addresses.
> - Updates `onCreate` and `onUpdate` handlers in
`contact-channels/crud.tsx` and `users/crud.tsx` to use
`normalizeEmail()`.
> - **Tests**:
> - Adds tests for `normalizeEmail()` in `emails.tsx` to verify email
normalization logic.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 2c29c35447. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Update error message for invalid redirect URIs in OAuth callback
handler and adjust tests accordingly.
>
> - **Behavior**:
> - In `route.tsx`, change error handling for invalid redirect URIs to
throw `StatusError` with message: "Invalid redirect URI. You might have
set the wrong redirect URI in the OAuth provider settings. (Please copy
the redirect URI from the Stack Auth dashboard and paste it into the
OAuth provider's dashboard)".
> - **Tests**:
> - Update `callback.test.ts` to expect new error message for untrusted
redirect URL case.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 00c68bc708. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<img width="890" alt="image"
src="https://github.com/user-attachments/assets/1e317987-0a09-4f7c-850a-ac2bddec9390"
/>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add functionality to send sign-in invitation emails, including backend
API, frontend UI, and email template support.
>
> - **Backend**:
> - Add `SIGN_IN_INVITATION` to `EmailTemplateType` in `schema.prisma`
and `migration.sql`.
> - New API route `send-sign-in-invitation/route.tsx` to handle sending
sign-in invitation emails.
> - Implement `sendSignInInvitationEmail()` in `admin-interface.ts`.
> - **Frontend**:
> - Update `page-client.tsx` to include sign-in invitation template
management.
> - Add `SendSignInInvitationDialog` in `page-client.tsx` for sending
invitations.
> - Modify `user-table.tsx` to include sign-in invitation actions.
> - **Email Templates**:
> - Add `sign-in-invitation.tsx` template.
> - Update `utils.tsx` to include metadata for sign-in invitation
emails.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for c69530229f. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
…andler
- Introduced `StatusError` to handle cases where the contact channel is
not found during email verification.
- Updated the verification code handler to check for the existence of
the contact channel before attempting to update its verification status,
improving robustness and user feedback.
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add error handling for missing contact channels in email verification
by introducing `StatusError` in `verification-code-handler.tsx`.
>
> - **Error Handling**:
> - Introduced `StatusError` in `verification-code-handler.tsx` to
handle missing contact channels during email verification.
> - Checks for contact channel existence before updating verification
status.
> - **Behavior**:
> - Throws `StatusError` with message "Contact channel not found. Was
your contact channel deleted?" if contact channel is missing.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 49b6d43ecd. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Added error handling for team member updates and contact channel
verification, with corresponding tests.
>
> - **Error Handling**:
> - In `verification-code-handler.tsx`, added `StatusError` for missing
contact channels during email verification.
> - In `crud.tsx`, wrapped `teamMember.update` in a try-catch to log
errors with `StackAssertionError` if update fails.
> - **Testing**:
> - Updated `users.test.ts` to test team selection updates, ensuring
correct team ID is set or unset.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for b024f7ba3e. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Allows `primary_email_auth_enabled` to be set to `false` via API,
fixing previous issue, with tests verifying behavior.
>
> - **Behavior**:
> - Allows `primary_email_auth_enabled` to be set to `false` in
`crud.tsx` by using nullish coalescing operator.
> - Updates `usedForAuth` field in `contactChannel` when
`primary_email_auth_enabled` changes without email change.
> - **Tests**:
> - Adds tests in `users.test.ts` to verify disabling and re-enabling
`primary_email_auth_enabled`.
> - Tests cover both specific user updates and current user updates via
`/me` endpoint.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for b4b5354bcd. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> This pull request adds support for custom integrations alongside Neon,
including environment updates, database schema changes, new API
endpoints, and comprehensive tests.
>
> - **Environment**:
> - Renamed `STACK_NEON_INTEGRATION_CLIENTS_CONFIG` to
`STACK_INTEGRATION_CLIENTS_CONFIG` in `.env.development`.
> - Added `custom-local` client configuration to
`STACK_INTEGRATION_CLIENTS_CONFIG`.
> - **Database**:
> - Renamed `NeonProvisionedProject` table to `ProvisionedProject` and
updated related constraints and columns in `migration.sql`.
> - Updated `schema.prisma` to reflect table and column renames.
> - **API Endpoints**:
> - Added CRUD operations for custom domains in `domains/`.
> - Implemented OAuth authorization and token exchange for custom
integrations in `oauth/`.
> - Added project provisioning and transfer endpoints for custom
integrations in `projects/`.
> - **IDP**:
> - Updated `createOidcProvider` to handle both Neon and custom
integrations in `idp.ts`.
> - **Tests**:
> - Added e2e tests for custom domain, OAuth, project provisioning, and
transfer in `e2e/tests/backend/endpoints/api/v1/integrations/custom/`.
> - Updated snapshot serializer to handle custom integration paths in
`snapshot-serializer.ts`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 7da89c38eb. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
