wire up to local supabase oidc oauth

2026-05-02 11:52:38 +02:00 · 2026-03-06 12:46:33 +05:30 · 2026-03-06 12:46:33 +05:30 · bd6ef0df28
commit bd6ef0df28
parent 0be3e60560
3 changed files with 36 additions and 4 deletions
--- a/apps/x/apps/renderer/src/components/connectors-popover.tsx
+++ b/apps/x/apps/renderer/src/components/connectors-popover.tsx
@ -2,7 +2,7 @@

 import * as React from "react"
 import { useState, useEffect, useCallback } from "react"
-import { AlertTriangle, Loader2, Mic, Mail, MessageSquare } from "lucide-react"
+import { AlertTriangle, Loader2, Mic, Mail, MessageSquare, User } from "lucide-react"

 import {
  Popover,
@ -505,6 +505,17 @@ export function ConnectorsPopover({ children, tooltip, open: openProp, onOpenCha
            </div>
          ) : (
            <>
+              {/* Rowboat Account */}
+              {providers.includes('rowboat') && (
+                <>
+                  <div className="px-2 py-1.5">
+                    <span className="text-xs font-medium text-muted-foreground">Account</span>
+                  </div>
+                  {renderOAuthProvider('rowboat', 'Rowboat', <User className="size-4" />, 'Connect your Rowboat account')}
+                  <Separator className="my-2" />
+                </>
+              )}
+
              {/* Email & Calendar Section - Google */}
              {providers.includes('google') && (
                <>
--- a/apps/x/packages/core/src/auth/oauth-client.ts
+++ b/apps/x/packages/core/src/auth/oauth-client.ts
@ -46,13 +46,15 @@ export async function discoverConfiguration(
    console.log(`[OAuth] Using cached configuration for ${issuerUrl}`);
    return cached;
  }
-
  console.log(`[OAuth] Discovering authorization server metadata for ${issuerUrl}...`);
  const config = await client.discovery(
    new URL(issuerUrl),
    clientId,
    undefined, // no client_secret (PKCE flow)
-    client.None() // PKCE doesn't require client authentication
+    client.None(), // PKCE doesn't require client authentication
+    {
+      execute: [client.allowInsecureRequests],
+    }
  );

  configCache.set(cacheKey, config);
@ -110,7 +112,10 @@ export async function registerClient(
      client_name: clientName,
      scope: scopes.join(' '),
    },
-    client.None()
+    client.None(),
+    {
+      execute: [client.allowInsecureRequests],
+    },
  );

  const metadata = config.clientMetadata();
--- a/apps/x/packages/core/src/auth/providers.ts
+++ b/apps/x/packages/core/src/auth/providers.ts
@ -1,5 +1,7 @@
 import { z } from 'zod';

+const SUPABASE_PROJECT_URL = 'http://127.0.0.1:54321';
+
 /**
 * Discovery configuration - how to get OAuth endpoints
 */
@ -51,6 +53,20 @@ export type ProviderConfigEntry = ProviderConfig[string];
 * All configured OAuth providers
 */
 const providerConfigs: ProviderConfig = {
+  rowboat: {
+    discovery: {
+      mode: 'issuer',
+      issuer: `${SUPABASE_PROJECT_URL}/.well-known/oauth-authorization-server`,
+    },
+    client: {
+      mode: 'dcr',
+    },
+    scopes: [
+      "openid",
+      "email",
+      "profile",
+    ],
+  },
  google: {
    discovery: {
      mode: 'issuer',