CodeCow/stack
1
0
Fork 0
mirror of https://github.com/stack-auth/stack.git synced 2026-06-13 21:01:21 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
5c7eb3a8a2
stack/packages/template/src/lib/stack-app
History
Mantra e2dc5f5ee0
[codex] fix OAuth redirect contract (#1393) 
## Summary

- Route browser OAuth redirects through the configured `redirectMethod`
instead of hardcoded `window.location` calls.
- Keep OAuth redirect APIs pending after navigation starts, including
custom redirect methods.
- Add `cliAuthConfirm` handler URL metadata and custom-page prompt
coverage.
- Update SDK spec text for browser OAuth callback and `returnTo`
behavior.

## Root Cause

OAuth helpers previously combined URL construction with direct browser
navigation. That bypassed configured redirect methods and made it too
easy for public redirect APIs to resolve after navigation started.

## Impact

Browser SDK consumers get consistent redirect behavior across built-in
and custom navigation methods. `returnTo` is handled as the
post-callback destination while the OAuth callback URL remains fixed to
the configured handler route.

## Validation

- `pnpm test run packages/template/src/lib/auth.test.ts`
- `pnpm test run apps/e2e/tests/js/oauth.test.ts`
- `pnpm -C packages/template lint`
- `pnpm -C apps/e2e lint`
- `pnpm -C packages/template typecheck`
- `pnpm -C apps/e2e typecheck`

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* Added CLI authorization confirmation page/flow for terminal-based
auth.
* Added optional returnTo parameter for OAuth to control post-auth
redirects.
* Exposed configurable redirect behavior so apps follow the chosen
redirect method.

* **Bug Fixes**
* OAuth callback now uses app navigation/queued redirects and shows a
fallback link instead of forcing location.assign.

* **Tests**
* Added unit and e2e tests covering OAuth URL generation, scope
handling, and CLI auth confirmation.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-28 16:33:59 -07:00
..
api-keys Api Keys (#590) 2025-04-04 13:03:10 -07:00
apps [codex] fix OAuth redirect contract (#1393) 2026-04-28 16:33:59 -07:00
connected-accounts More connected accounts (#1165) 2026-02-18 15:19:35 -08:00
contact-channels Improve user profile page (#712) 2025-07-02 02:59:12 +02:00
customers Payments bulldozer txn rework (#1315) 2026-04-17 22:11:21 +00:00
data-vault Data vaults (#871) 2025-08-30 23:42:56 -07:00
email [Refactor][Feat][Fix] Rework Email Section With New Sent Page, Better Drafts Page, and Settings Page (#1221) 2026-03-11 12:01:36 -07:00
email-templates Split stack-app.ts file into multiple files (#492) 2025-03-02 21:20:42 -08:00
internal-api-keys Fix package build with explicit index.js imports (#677) 2025-05-15 23:55:59 +02:00
notification-categories Send email route and notification settings page (#717) 2025-07-01 19:17:53 -07:00
permissions Config DB migration step 2 (#629) 2025-04-29 14:52:45 -07:00
project-configs [Fix] [Feat] Update OAuth Sign-In and Get Token Functions to Work (#1130) 2026-01-28 02:17:27 +00:00
projects Add onboarding status to Project model and implement related database… (#1246) 2026-03-13 12:00:40 -07:00
session-replays analytics replay filters (#1213) 2026-02-24 13:00:45 -08:00
teams Add server-side flags for anonymous users 2026-04-03 10:43:34 -07:00
users Turnstile integration for fraud protection (#1239) 2026-03-20 21:26:45 +00:00
common.ts Fix session recorder and even tracker access token fetch (#1331) 2026-04-13 18:32:24 -07:00
index.ts dev tool indicator (#1272) 2026-04-13 17:43:03 -07:00
url-targets.test.ts Add useCliAuthConfirmation hook and customizable cliAuthConfirm URL target (#1388) 2026-04-28 15:29:46 -07:00
url-targets.ts Add useCliAuthConfirmation hook and customizable cliAuthConfirm URL target (#1388) 2026-04-28 15:29:46 -07:00