feat(auth): add OAuth client update support (#1812)

Author: cemalkilic

packages/core/auth-js/src/GoTrueAdminApi.ts

@@ -23,6 +23,7 @@ import {
  SignOutScope,
  GoTrueAdminOAuthApi,
  CreateOAuthClientParams,
+ UpdateOAuthClientParams,
  OAuthClientResponse,
  OAuthClientListResponse,
 } from './lib/types'
@@ -66,6 +67,7 @@ export default class GoTrueAdminApi {
  listClients: this._listOAuthClients.bind(this),
  createClient: this._createOAuthClient.bind(this),
  getClient: this._getOAuthClient.bind(this),
+ updateClient: this._updateOAuthClient.bind(this),
  deleteClient: this._deleteOAuthClient.bind(this),
  regenerateClientSecret: this._regenerateOAuthClientSecret.bind(this),
  }
@@ -414,9 +416,7 @@ export default class GoTrueAdminApi {
  *
  * This function should only be called on a server. Never expose your `service_role` key in the browser.
  */
- private async _createOAuthClient(
- params: CreateOAuthClientParams
- ): Promise<OAuthClientResponse> {
+ private async _createOAuthClient(params: CreateOAuthClientParams): Promise<OAuthClientResponse> {
  try {
  return await _request(this.fetch, 'POST', `${this.url}/admin/oauth/clients`, {
  body: params,
@@ -457,6 +457,33 @@ export default class GoTrueAdminApi {
  }
  }
 
+ /**
+ * Updates an existing OAuth client.
+ * Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
+ *
+ * This function should only be called on a server. Never expose your `service_role` key in the browser.
+ */
+ private async _updateOAuthClient(
+ clientId: string,
+ params: UpdateOAuthClientParams
+ ): Promise<OAuthClientResponse> {
+ try {
+ return await _request(this.fetch, 'PUT', `${this.url}/admin/oauth/clients/${clientId}`, {
+ body: params,
+ headers: this.headers,
+ xform: (client: any) => {
+ return { data: client, error: null }
+ },
+ })
+ } catch (error) {
+ if (isAuthError(error)) {
+ return { data: null, error }
+ }
+
+ throw error
+ }
+ }
+
  /**
  * Deletes an OAuth client.
  * Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
@@ -467,15 +494,10 @@ export default class GoTrueAdminApi {
  clientId: string
  ): Promise<{ data: null; error: AuthError | null }> {
  try {
- await _request(
- this.fetch,
- 'DELETE',
- `${this.url}/admin/oauth/clients/${clientId}`,
- {
- headers: this.headers,
- noResolveJson: true,
- }
- )
+ await _request(this.fetch, 'DELETE', `${this.url}/admin/oauth/clients/${clientId}`, {
+ headers: this.headers,
+ noResolveJson: true,
+ })
  return { data: null, error: null }
  } catch (error) {
  if (isAuthError(error)) {

packages/core/auth-js/src/lib/types.ts

@@ -1492,6 +1492,8 @@ export type OAuthClient = {
  registration_type: OAuthClientRegistrationType
  /** URI of the OAuth client */
  client_uri?: string
+ /** URI of the OAuth client's logo */
+ logo_uri?: string
  /** Array of allowed redirect URIs */
  redirect_uris: string[]
  /** Array of allowed grant types */
@@ -1525,6 +1527,24 @@ export type CreateOAuthClientParams = {
  scope?: string
 }
 
+/**
+ * Parameters for updating an existing OAuth client.
+ * All fields are optional. Only provided fields will be updated.
+ * Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
+ */
+export type UpdateOAuthClientParams = {
+ /** Human-readable name of the OAuth client */
+ client_name?: string
+ /** URI of the OAuth client */
+ client_uri?: string
+ /** URI of the OAuth client's logo */
+ logo_uri?: string
+ /** Array of allowed redirect URIs */
+ redirect_uris?: string[]
+ /** Array of allowed grant types */
+ grant_types?: OAuthClientGrantType[]
+}
+
 /**
  * Response type for OAuth client operations.
  * Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
@@ -1574,6 +1594,14 @@ export interface GoTrueAdminOAuthApi {
  */
  getClient(clientId: string): Promise<OAuthClientResponse>
 
+ /**
+ * Updates an existing OAuth client.
+ * Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.
+ *
+ * This function should only be called on a server. Never expose your `service_role` key in the browser.
+ */
+ updateClient(clientId: string, params: UpdateOAuthClientParams): Promise<OAuthClientResponse>
+
  /**
  * Deletes an OAuth client.
  * Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.