<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Refactor tenancy configuration structure, affecting authentication,
email, domain, OAuth, and permissions settings, with updates to feature
flag checks, property access, and test assertions.
>
> - **Refactor**:
> - Updated configuration structure for authentication, email, domain,
OAuth, and permissions settings, affecting feature flag checks and
property access in `handlers.tsx`, `route.tsx`, and `crud.tsx`.
> - Improved handling of domain and OAuth provider configurations for
integrations and CRUD operations.
> - Adjusted redirect URL validation and origin checks to use updated
tenancy configuration.
> - Transformed project and tenancy configuration data returned by API
handlers for consistency.
> - Centralized email theme and template retrieval from updated
configuration paths.
> - **Bug Fixes**:
> - Corrected error messages related to OTP sign-in feature
availability.
> - **Tests**:
> - Updated test assertions to match new error messages for OTP sign-in.
> - **Chores**:
> - Reorganized import statements and updated internal logic to align
with new configuration structure.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for ae04ae28be. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Refactor**
* Updated configuration structure for authentication, email, domain,
OAuth, and permissions settings, resulting in changes to feature flag
checks and property access throughout the backend.
* Improved handling of domain and OAuth provider configurations for
integrations and CRUD operations.
* Adjusted redirect URL validation and origin checks to use updated
tenancy configuration.
* Transformed project and tenancy configuration data returned by API
handlers for consistency.
* Centralized email theme and template retrieval from updated
configuration paths.
* Simplified redirect URL validation calls by passing tenancy objects
directly.
* Updated passkey, password, OTP, and OAuth feature flag checks to new
nested configuration properties.
* **Bug Fixes**
* Corrected error messages related to OTP sign-in feature availability.
* **Tests**
* Updated test assertions to match new error messages for OTP sign-in.
* **Chores**
* Reorganized import statements and updated internal logic to align with
new configuration structure.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> This PR adds default email templates and themes, updates schema and
components, and introduces a migration tool for email templates.
>
> - **Behavior**:
> - Adds default email templates and themes, including `Email
Verification`, `Password Reset`, `Magic Link/OTP`, `Team Invitation`,
and `Sign In Invitation`.
> - Updates `render-email` and `send-email` routes to use `themes` and
`templates` instead of `themeList` and `templateList`.
> - Introduces migration tool for email templates in `page-client.tsx`
and `page.tsx`.
> - **Schema**:
> - Updates `branchConfigSchema` and `organizationConfigDefaults` to use
`selectedThemeId`, `themes`, and `templates`.
> - Adds `templateThemeIdSchema` to `schema-fields.ts`.
> - **Components**:
> - Replaces `ThemePreview` with `EmailPreview` in various components.
> - Adds `ResizableContainer` for email preview resizing.
> - **Tests**:
> - Updates e2e tests for email themes and templates to reflect new
schema and behavior.
> - **Misc**:
> - Renames `themeList` to `themes` and `templateList` to `templates` in
multiple files.
> - Adds new email template metadata in `utils.tsx`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 49554ca03d. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
https://www.loom.com/share/950f16dbbda0481ba1dea0cf593f347e?sid=51ed6cc3-5f48-4145-9a65-a6a80a45cab0
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Refactor email rendering and theme management using TypeScript and
esbuild, updating backend routes, frontend components, and tests.
>
> - **Backend Changes**:
> - Updated `render-email` route in `route.tsx` to handle
`theme_tsx_source` and `template_tsx_source`.
> - Modified `email-templates` and `email-themes` routes to use new
theme and template handling logic.
> - Updated `email-template-adapter.ts` to use
`renderEmailWithTemplate`.
> - Enhanced `renderEmailWithTemplate` in `email-themes.tsx` to use
esbuild for bundling.
> - **Frontend Changes**:
> - Updated `page-client.tsx` in email templates and themes to use
`ThemePreview` with `tsxSource`.
> - Modified `CodeEditor` in `code-editor.tsx` to support TypeScript and
JSX with esbuild.
> - Added `use-debounce` to `package.json` for debouncing input changes.
> - **Testing**:
> - Added tests in `email-themes.test.ts` and `render-email.test.ts` to
cover new email rendering logic.
> - Updated `unsubscribe-link.test.ts` to verify unsubscribe
functionality with new email rendering.
> - **Miscellaneous**:
> - Updated `helpers/emails.ts` to export `LightEmailTheme` and
`DarkEmailTheme` as functions.
> - Adjusted `admin-interface.ts` and `admin-app-impl.ts` to support new
email theme and template operations.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 891ff8ebf7. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Fixes unknown theme error by adding fallback to default theme and
updates theme display names.
>
> - **Behavior**:
> - In `route.tsx`, added fallback to `DEFAULT_EMAIL_THEME_ID` if
current theme is unknown.
> - Updates active theme in `tenancy.completeConfig.emails` if unknown.
> - **Display Name Updates**:
> - Changed `displayName` from `default-light` to `Default Light` and
`default-dark` to `Default Dark` in `emails.ts` and `schema-fields.ts`.
> - **Tests**:
> - Updated test cases in `email-themes.test.ts` to reflect new display
names.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 8d2b9f75e2. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Fix webhook handling in tests by updating URLs, adding retry logic,
and ensuring correct event handling.
>
> - **Behavior**:
> - Update webhook URL to `http://localhost:12345/webhook` in
`backend-helpers.ts` and `webhooks.test.ts`.
> - Add retry logic in `listWebhookAttempts()` in `backend-helpers.ts`
to handle slow responses.
> - Modify `findWebhookAttempt()` in `backend-helpers.ts` to use updated
`listWebhookAttempts()`.
> - **Tests**:
> - Update `webhooks.test.ts` to use local webhook URL for testing.
> - Add retry logic in `team-memberships.test.ts` to ensure webhook
events are captured.
> - Ensure `team_permission.created` events are correctly handled in
`team-memberships.test.ts`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for cfbff54598. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
> [!IMPORTANT]
> Add CRUD operations for OAuth providers, update schemas and error
handling, and include tests for new functionality.
>
> - **Behavior**:
> - Adds CRUD operations for OAuth providers in `client-interface.ts`
and `server-interface.ts`.
> - Introduces `oauthProviderCrud` in `oauth-providers.ts` for managing
OAuth provider data.
> - Updates `schema-fields.ts` to include new schemas for OAuth provider
attributes.
> - Adds error handling for OAuth provider operations in
`known-errors.tsx`.
> - **Schema**:
> - Defines `oauthProviderCrudClientUpdateSchema`,
`oauthProviderCrudServerUpdateSchema`, and
`oauthProviderCrudServerCreateSchema` in `oauth-providers.ts`.
> - Updates `projects.ts` to include `oauthProviderReadSchema` and
`oauthProviderWriteSchema`.
> - **Tests**:
> - Adds tests for OAuth provider CRUD operations in
`oauth-providers.test.ts`.
> - **Misc**:
> - Renames `oauth.ts` to `connected-accounts.ts` in `crud` directory.
> - Updates `projects.test.ts` to include `provider_config_id` in OAuth
provider configurations.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for bca9bcf12b. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add CRUD operations for OAuth providers, update schemas, handle
errors, and include tests.
>
> - **Behavior**:
> - Adds CRUD operations for OAuth providers in `client-interface.ts`
and `server-interface.ts`.
> - Introduces `oauthProviderCrud` in `oauth-providers.ts` for managing
OAuth provider data.
> - Updates `schema-fields.ts` to include new schemas for OAuth provider
attributes.
> - Adds error handling for OAuth provider operations in
`known-errors.tsx`.
> - **Schema**:
> - Defines `oauthProviderCrudClientUpdateSchema`,
`oauthProviderCrudServerUpdateSchema`, and
`oauthProviderCrudServerCreateSchema` in `oauth-providers.ts`.
> - Updates `projects.ts` to include `oauthProviderReadSchema` and
`oauthProviderWriteSchema`.
> - **Tests**:
> - Adds tests for OAuth provider CRUD operations in
`oauth-providers.test.ts`.
> - **Misc**:
> - Renames `oauth.ts` to `connected-accounts.ts` in `crud` directory.
> - Updates `projects.test.ts` to include `provider_config_id` in OAuth
provider configurations.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for aaa55f7d5c. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add E2E tests for OAuth token refresh, update OAuth provider for
consent prompt, and enhance mock server with token revocation.
>
> - **E2E Tests**:
> - Add tests in `connected-accounts.test.ts` to verify access token
usage, refresh on revocation, and re-authorization prompt on refresh
token revocation.
> - **OAuth Provider**:
> - Add `prompt: "consent"` to `getAuthorizationUrl()` in `base.tsx`.
> - Update `MockProvider` in `mock.tsx` to include `offline_access` in
`baseScope`.
> - **Mock OAuth Server**:
> - Add token revocation endpoints in `index.ts` for access and refresh
tokens.
> - Implement in-memory storage for revoked tokens in `index.ts`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for abc2ea3de7. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
Added GET and PATCH endpoint for Neon managed project with
`secret-admin-key` auth. The API handler is same as internal projects
API - `/internal/projects/current`
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Update error message for invalid redirect URIs in OAuth callback
handler and adjust tests accordingly.
>
> - **Behavior**:
> - In `route.tsx`, change error handling for invalid redirect URIs to
throw `StatusError` with message: "Invalid redirect URI. You might have
set the wrong redirect URI in the OAuth provider settings. (Please copy
the redirect URI from the Stack Auth dashboard and paste it into the
OAuth provider's dashboard)".
> - **Tests**:
> - Update `callback.test.ts` to expect new error message for untrusted
redirect URL case.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 00c68bc708. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Added error handling for team member updates and contact channel
verification, with corresponding tests.
>
> - **Error Handling**:
> - In `verification-code-handler.tsx`, added `StatusError` for missing
contact channels during email verification.
> - In `crud.tsx`, wrapped `teamMember.update` in a try-catch to log
errors with `StackAssertionError` if update fails.
> - **Testing**:
> - Updated `users.test.ts` to test team selection updates, ensuring
correct team ID is set or unset.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for b024f7ba3e. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Allows `primary_email_auth_enabled` to be set to `false` via API,
fixing previous issue, with tests verifying behavior.
>
> - **Behavior**:
> - Allows `primary_email_auth_enabled` to be set to `false` in
`crud.tsx` by using nullish coalescing operator.
> - Updates `usedForAuth` field in `contactChannel` when
`primary_email_auth_enabled` changes without email change.
> - **Tests**:
> - Adds tests in `users.test.ts` to verify disabling and re-enabling
`primary_email_auth_enabled`.
> - Tests cover both specific user updates and current user updates via
`/me` endpoint.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for b4b5354bcd. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> This pull request adds support for custom integrations alongside Neon,
including environment updates, database schema changes, new API
endpoints, and comprehensive tests.
>
> - **Environment**:
> - Renamed `STACK_NEON_INTEGRATION_CLIENTS_CONFIG` to
`STACK_INTEGRATION_CLIENTS_CONFIG` in `.env.development`.
> - Added `custom-local` client configuration to
`STACK_INTEGRATION_CLIENTS_CONFIG`.
> - **Database**:
> - Renamed `NeonProvisionedProject` table to `ProvisionedProject` and
updated related constraints and columns in `migration.sql`.
> - Updated `schema.prisma` to reflect table and column renames.
> - **API Endpoints**:
> - Added CRUD operations for custom domains in `domains/`.
> - Implemented OAuth authorization and token exchange for custom
integrations in `oauth/`.
> - Added project provisioning and transfer endpoints for custom
integrations in `projects/`.
> - **IDP**:
> - Updated `createOidcProvider` to handle both Neon and custom
integrations in `idp.ts`.
> - **Tests**:
> - Added e2e tests for custom domain, OAuth, project provisioning, and
transfer in `e2e/tests/backend/endpoints/api/v1/integrations/custom/`.
> - Updated snapshot serializer to handle custom integration paths in
`snapshot-serializer.ts`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 7da89c38eb. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
