Implement Supabase OAuth Provider Scopes and Redirects

packages/auth/package.json

@@ -9,7 +9,7 @@
   "license": "MIT",
   "devDependencies": {
     "@auth0/auth0-spa-js": "^1.7.0",
-    "@supabase/supabase-js": "^1.3.3",
+    "@supabase/supabase-js": "^1.7.7",
     "@types/netlify-identity-widget": "^1.4.1",
     "@types/react": "17.0.3",
     "firebase": "^7.14.5",

packages/auth/src/authClients/supabase.ts

@@ -8,56 +8,73 @@ export type SupabaseUser = User
 export interface AuthClientSupabase extends AuthClient {
   /**
    * Log in an existing user, or login via a third-party provider.
+   *
    * @param options The user login details.
    * @param options.email The user's email address.
    * @param options.password The user's password.
    * @param { 'azure' | 'bitbucket' | 'facebook' | 'github' | 'gitlab' | 'google' } options.provider One of the providers supported by GoTrue.
+   * @param redirectTo A URL or mobile address to send the user to after they are confirmed.
+   * @param scopes A space-separated list of scopes granted to the OAuth application.
    */
   login(options: {
     email?: string | undefined
     password?: string | undefined
     provider?: Provider
+    redirectTo?: string
+    scopes?: string
   }): Promise<{
-    data: Session | null
+    session: Session | null
     user: User | null
     provider?: Provider
     url?: string | null
     error: Error | null
+    data: Session | null // Deprecated
   }>
   logout(): Promise<{ error: Error | null }>
   /**
    * Creates a new user.
+   *
    * @param options The user login details.
    * @param options.email The user's email address.
    * @param options.password The user's password.
+   * @param redirectTo A URL or mobile address to send the user to after they are confirmed.
    */
   signup(options: {
     email: string
     password: string
+    redirectTo?: string
   }): Promise<{
-    // data: Session | null
     user: User | null
+    session: Session | null
     error: Error | null
+    data: Session | User | null // Deprecated
   }>
+  /**
+   * Restore Redwood authentication state when an OAuth or magiclink
+   * callback redirects back to site with access token
+   * by restoring the Supabase auth session
+   *
+   */
+  restoreAuthState(): void
   client: Supabase
 }
 
 export const supabase = (client: Supabase): AuthClientSupabase => {
   return {
     type: 'supabase',
     client,
-    login: async ({ email, password, provider }) => {
+    login: async ({ email, password, provider, redirectTo, scopes }) => {
       // magic link
       if (email && !password) {
-        return await client.auth.signIn({ email })
+        return await client.auth.signIn({ email }, { redirectTo })
       }
       // email and password
       if (email && password) {
-        return await client.auth.signIn({ email, password })
+        return await client.auth.signIn({ email, password }, { redirectTo })
       }
       // oauth, such as github, gitlab, bitbucket, google, azure etc.
       if (provider) {
-        return await client.auth.signIn({ provider })
+        return await client.auth.signIn({ provider }, { redirectTo, scopes })
       }
       throw new Error(
         `You must provide either an email or a third-party provider.`
@@ -66,21 +83,22 @@ export const supabase = (client: Supabase): AuthClientSupabase => {
     logout: async () => {
       return await client.auth.signOut()
     },
-    signup: async ({ email, password }) => {
-      return await client.auth.signUp({ email, password })
+    signup: async ({ email, password, redirectTo }) => {
+      return await client.auth.signUp({ email, password }, { redirectTo })
     },
-
     getToken: async () => {
       const currentSession = client.auth.session()
       return currentSession?.access_token || null
     },
     getUserMetadata: async () => {
       return await client.auth.user()
     },
-    // restore authentication when an OAuth or magiclink callback
-    // redirects back to site with access token
     restoreAuthState: async () => {
-      return await client.auth.refreshSession()
+      await client.auth.getSessionFromUrl()
+
+      window.history.replaceState({}, document.title, window.location.pathname)
+
+      return
     },
   }
 }

yarn.lock

@@ -3419,17 +3419,17 @@
     resolve-from "^5.0.0"
     store2 "^2.7.1"
 
-"@supabase/gotrue-js@^1.12.0":
-  version "1.12.1"
-  resolved "https://registry.yarnpkg.com/@supabase/gotrue-js/-/gotrue-js-1.12.1.tgz#0c5b9267f5608e6e57d1830c74874864193a5016"
-  integrity sha512-qg3vuABV7IrDBN2KxjvxQosu+RORcrX5l+TifaIUYests041eoxa5++NxE0dyIvsJHPZI3xUlbJ856iDxSkpbg==
+"@supabase/gotrue-js@^1.12.2":
+  version "1.12.2"
+  resolved "https://registry.yarnpkg.com/@supabase/gotrue-js/-/gotrue-js-1.12.2.tgz#48b2f479a1cbb421e5079959a64ec13a31cbd23b"
+  integrity sha512-5kRvMiTqt8wTYyqYmlWfBICSEqYrqnvukwRbXaNQ2GJuSm3Z5CNkLRa9gd1KrLOvo6varTi6M/b8ckcFBe4qxQ==
   dependencies:
     cross-fetch "^3.0.6"
 
-"@supabase/postgrest-js@^0.26.1":
-  version "0.26.1"
-  resolved "https://registry.yarnpkg.com/@supabase/postgrest-js/-/postgrest-js-0.26.1.tgz#8b68c5fc68da25fcfbf6b1f36da4ec6c951edba4"
-  integrity sha512-fD7K6S2bl8JkYqeeZ0hWBWaCz61ktqz2MA4jiugT9FiKITaMgnjekHUwA29KbPsiRRft0HW/bNDRPxrGy+3UNw==
+"@supabase/postgrest-js@^0.28.0":
+  version "0.28.0"
+  resolved "https://registry.yarnpkg.com/@supabase/postgrest-js/-/postgrest-js-0.28.0.tgz#6e383b451057bef4e1caf6fc75c88a935ca5524a"
+  integrity sha512-h7em0UwOy6HK+33kzTOWbOzfB9uXe7DtxNv2JLDcgj9vRN1fSIUSYKrbuwmM93zz3r6ZMpkALXND8S/4fgoXBA==
   dependencies:
     cross-fetch "^3.0.6"
 
@@ -3442,14 +3442,15 @@
     query-string "^6.12.1"
     websocket "^1.0.31"
 
-"@supabase/supabase-js@^1.3.3":
-  version "1.6.0"
-  resolved "https://registry.yarnpkg.com/@supabase/supabase-js/-/supabase-js-1.6.0.tgz#097603e946d08ad4eab70cdfbb74aa1c319b4598"
-  integrity sha512-YQKo9AUCfVZtwX2izTb/fnHA7TigJ3gBaroQs1ntSDbu6/v9QVzCWQHh912qe8BbJAx7Bu36OZCeyYml8OlM8w==
+"@supabase/supabase-js@^1.7.7":
+  version "1.7.7"
+  resolved "https://registry.yarnpkg.com/@supabase/supabase-js/-/supabase-js-1.7.7.tgz#f4c7be3df531ac20c5b13224e4bd4de5d3bf578b"
+  integrity sha512-zbBU/a1hu9rXmm764z29GP3NLxccZrKd64TFkp3K6xkxKgxSs/y4kgfOdVD4+a0xmeE6jBgB/q+4G9PR8GQOPA==
   dependencies:
-    "@supabase/gotrue-js" "^1.12.0"
-    "@supabase/postgrest-js" "^0.26.1"
+    "@supabase/gotrue-js" "^1.12.2"
+    "@supabase/postgrest-js" "^0.28.0"
     "@supabase/realtime-js" "^1.0.6"
+    cross-fetch "^3.1.0"
 
 "@szmarczak/http-timer@^1.1.2":
   version "1.1.2"
@@ -7270,6 +7271,13 @@ cross-fetch@^3.0.6:
   dependencies:
     node-fetch "2.6.1"
 
+cross-fetch@^3.1.0:
+  version "3.1.3"
+  resolved "https://registry.yarnpkg.com/cross-fetch/-/cross-fetch-3.1.3.tgz#b8e7d5f19161c4a0ca916f707978848786043afb"
+  integrity sha512-2i6v88DTqVBNODyjD9U6Ycn/uSZNvyHe25cIbo2fFnAACAsaLTJsd23miRWiR5NuiGXR9wpJ9d40/9WAhjDIrw==
+  dependencies:
+    node-fetch "2.6.1"
+
 [email protected], cross-spawn@^7.0.0, cross-spawn@^7.0.1, cross-spawn@^7.0.2, cross-spawn@^7.0.3:
   version "7.0.3"
   resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.3.tgz#f73a85b9d5d41d045551c177e2882d4ac85728a6"