* fix: ensure oauth state param matches before finishing oauth flow
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
* chore: upgrade openid-client to v6
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
* feat: use PKCE for oauth2 on supported clients
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
* feat: use state and PKCE in mobile app
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
* fix: remove obsolete oauth repository init
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
* fix: rewrite callback url if mobile redirect url is enabled
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
* fix: propagate oidc client error cause when oauth callback fails
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
* fix: adapt auth service tests to required state and PKCE params
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
* fix: update sdk types
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
* fix: adapt oauth e2e test to work with PKCE
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
* fix: allow insecure (http) oauth clients
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
---------
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
Co-authored-by: Jason Rasmussen <jason@rasm.me>
* feat: sync pictureFile with oidc if it isn't set already
fix: move picture writer to get userId
fix: move await promise to the top of the setPicure function before checking its value and automatically create the user folder
chore: code cleanup
* fix: extension double dot
---------
Co-authored-by: Jason Rasmussen <jason@rasm.me>
* refactor: migrate user repository to kysely
* refactor: migrate user repository to kysely
* refactor: migrate user repository to kysely
* refactor: migrate user repository to kysely
* fix: test
* clean up
* fix: metadata retrieval bug
* use correct typeing for upsert metadata
* pr feedback
* pr feedback
* fix: add deletedAt check
* fix: get non deleted user by default
* remove console.log
* fix: stop kysely after command finishes
* final clean up
---------
Co-authored-by: Jason Rasmussen <jason@rasm.me>
* add root resource path '/' to mobile oauth scheme
* chore: add oauth-callback path
* add root resource path '/' to mobile oauth scheme
* chore: add oauth-callback path
* fix: make sure there are three forward slash in callback URL
---------
Co-authored-by: Jason Rasmussen <jason@rasm.me>
Co-authored-by: Alex <alex.tran1502@gmail.com>
* refactor(server): user endpoints
* fix repos
* fix unit tests
---------
Co-authored-by: Daniel Dietzler <mail@ddietzler.dev>
Co-authored-by: Alex <alex.tran1502@gmail.com>
