Skip to content

feat(auth): refactor authentication plugin#103

Merged
FlandiaYingman merged 6 commits intomainfrom
auth
Apr 3, 2026
Merged

feat(auth): refactor authentication plugin#103
FlandiaYingman merged 6 commits intomainfrom
auth

Conversation

@FlandiaYingman
Copy link
Copy Markdown
Member

@FlandiaYingman FlandiaYingman commented Apr 2, 2026
edited
Loading

Copilot AI review requested due to automatic review settings April 2, 2026 01:36
@FlandiaYingman FlandiaYingman linked an issue Apr 2, 2026 that may be closed by this pull request
Add auth support for student club accounts #101
Closed

This comment was marked as outdated.

Sign in to view

@FlandiaYingman FlandiaYingman requested a review from Copilot April 2, 2026 01:55

This comment was marked as outdated.

Sign in to view

@FlandiaYingman FlandiaYingman requested a review from Copilot April 2, 2026 02:22

This comment was marked as outdated.

Sign in to view

FlandiaYingman and others added 3 commits April 1, 2026 22:29
@FlandiaYingman
Update src/plugins/auth.ts
7bfe199 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@FlandiaYingman
ashgoi hwiohfioawhf
2e40e2f
@FlandiaYingman
asdgas fasf
dc1e5d3
@wylited wylited removed their assignment Apr 2, 2026
wylited
wylited requested changes Apr 2, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@wylited wylited left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like this, very cool.

MisterCommand
MisterCommand reviewed Apr 2, 2026
View reviewed changes
src/plugins/auth.ts

const TenantID = {
"ust.hk": "c917f3e2-9322-4926-9bb3-daca730413ca",
"connect.ust.hk": "6c1d4152-39d0-44ca-88d9-b8d6ddca0708",
Copy link
Copy Markdown
Member

@MisterCommand MisterCommand Apr 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

App is using TenantID c917... and is working fine, why are we changing it?

https://github.com/USThing/USThingApp/blob/1e0ee62278f37b1886c787d52d37a610919a8562/app/models/AuthenticationStore.ts#L29

Copy link
Copy Markdown
Member Author

@FlandiaYingman FlandiaYingman Apr 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am not really sure why the ust.hk tenant works fine, but theoretically we
should use the connect.ust.hk one for connect.ust.hk users and the ust.hk one
for ust.hk users. My guessing of why it works is that (1) both tenants share the
same JWKS (key set) (and in practice, most Azure OIDC uses the same key set);
and (2) the ust.hk tenant in app acts as the "issuer", and in practice a ust.hk
tenant can issue tokens on behalf of the connect.ust.hk tenant.

@FlandiaYingman
Copy link
Copy Markdown
Member Author

FlandiaYingman commented Apr 2, 2026
edited
Loading

The change in this PR is perfect.

image

I'm planning to adopt an alternative flow of authentication, which effectively creates our own tenant using the domain usthing.xyz. This way, we can create debugging accounts. But that's a future plan.

Copilot AI reviewed Apr 2, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 9 out of 10 changed files in this pull request and generated 5 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

wylited
wylited approved these changes Apr 3, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@wylited wylited left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

legitimate

@FlandiaYingman
Copy link
Copy Markdown
Member Author

FlandiaYingman commented Apr 3, 2026

aye aye, captain

@FlandiaYingman FlandiaYingman merged commit 0d39e87 into main Apr 3, 2026
9 checks passed
@FlandiaYingman FlandiaYingman deleted the auth branch April 3, 2026 02:50
@github-actions github-actions bot mentioned this pull request Apr 3, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@wylited wylited wylited approved these changes

@sayatodev sayatodev Awaiting requested review from sayatodev

@MisterCommand MisterCommand Awaiting requested review from MisterCommand

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add auth support for student club accounts

4 participants

@FlandiaYingman @MisterCommand @wylited