Skip to content

feat: update console OAuth2 provider support#3012

Merged
HarshMN2345 merged 19 commits intomainfrom
feat-11993-console-oauth2
Apr 30, 2026
Merged

feat: update console OAuth2 provider support#3012
HarshMN2345 merged 19 commits intomainfrom
feat-11993-console-oauth2

Conversation

@HarshMN2345
Copy link
Copy Markdown
Member

@HarshMN2345 HarshMN2345 commented Apr 29, 2026

What does this PR do?

(Provide a description of what this PR does.)

Test Plan

(Write your test plan here. If you changed any code, please provide us with clear instructions on how you verified your changes work.)

Related PRs and Issues

(If this PR is related to any other PR or resolves any issue or related to any issue link all related PR and issues here.)

Have you read the Contributing Guidelines on issues?

(Write your answer here.)

@greptile-apps
Copy link
Copy Markdown
Contributor

greptile-apps Bot commented Apr 29, 2026
edited
Loading

Greptile Summary

This PR consolidates all OAuth2 provider modals into a single dynamic mainOAuth.svelte driven by per-provider parameters fetched from the console API, adds three new providers (FusionAuth, Keycloak, Kick), and fixes scope naming (executionexecutions). The buildSecret() function now always emits JSON (fixing the previously flagged raw-string issue), and the scopes picker now handles API failures gracefully without silently clearing selected scopes.

Confidence Score: 3/5

Several previously flagged P1 issues (Yammer missing from switch, null dereference on projectToDelete, paypalSandbox key mismatch) remain open per the thread history — resolve those before merging.

Score reflects three unresolved P1s from prior review threads that are still present in the diff. The new code itself is generally sound, but those open issues cap confidence below 4.

src/routes/(console)/project-[region]-[project]/auth/updateOAuth.ts (Yammer/switch), src/lib/stores/oauth-providers.ts (paypalSandbox key), src/lib/components/organizationUsageLimits.svelte (null dereference)

Important Files Changed

Filename Overview
src/routes/(console)/project-[region]-[project]/auth/updateOAuth.ts Full switch-based provider routing; previously flagged issues (Yammer missing, empty-string vs undefined fallbacks) still present per threads
src/routes/(console)/project-[region]-[project]/auth/(providers)/mainOAuth.svelte Major refactor to dynamic parameters; buildSecret() now always returns JSON (fixing previous raw-string issue); getInitialAppId() duplicates extractAppId() from +page.ts
src/routes/(console)/project-[region]-[project]/auth/settings/+page.ts New loader fetching per-project and console provider lists; extractAppId() duplicates mainOAuth.svelte's getInitialAppId()
src/routes/(console)/project-[region]-[project]/auth/settings/+page.svelte Switches to resolvedOAuthProviders; OAuthProvider component safely guarded by {#if selectedProvider && showProvider}; grid layout improvement
src/lib/stores/oauth-providers.ts All providers consolidated to Main component; new providers (FusionAuth, Keycloak, Kick) added; paypalsandbox renamed to paypalSandbox; Yammer removed — paypalSandbox key mismatch risk flagged in previous thread
src/lib/constants.ts Scope names corrected (execution → executions); deprecated entries kept for backward compatibility
src/routes/(console)/project-[region]-[project]/overview/api-keys/scopes.svelte Migrated to dynamic API-based scope list; error handling improved; mounted guard prevents $effect from clearing scopes on API failure
src/lib/components/organizationUsageLimits.svelte Switched to sdk.forProject for deletion; null dereference on projectToDelete.region still present (previously flagged)

Reviews (14): Last reviewed commit: "fix: prevent scope data-loss when listPr..." | Re-trigger Greptile

greptile-apps[bot]
greptile-apps Bot reviewed Apr 29, 2026
View reviewed changes
Comment thread src/routes/(console)/project-[region]-[project]/auth/updateOAuth.ts
Comment thread src/routes/(console)/project-[region]-[project]/auth/updateOAuth.ts Outdated
Comment thread src/routes/(console)/project-[region]-[project]/auth/settings/+page.svelte Outdated
@HarshMN2345 HarshMN2345 requested a review from Meldiron April 29, 2026 14:04
@HarshMN2345
fix: remove unsupported yammer oauth provider
75c34eb
@HarshMN2345
remove yammer and change names
8a78402
@HarshMN2345
feat: dynamic OAuth2 forms and API key scopes from console SDK
ed8bd04 
- Replace hardcoded OAuth2 provider components with a single dynamic
  mainOAuth.svelte that fetches labels, placeholders, and hints from
  listOAuth2Providers; removes 10 now-unused provider-specific files
- Load OAuth2 provider list and enabled state from project SDK in
  +page.ts instead of reading from the project model directly
- Fetch API key scopes from listProjectScopes instead of static
  constants; migrate scopes.svelte to Svelte 5 runes
- Add executions.read/write scope definitions and legacy compat pair
  for execution. -> executions.
- Secret field uses write-only card pattern (Tag -> expandable Card);
  no pre-fill, no silent fallbacks
@HarshMN2345
fix: align updateOAuth secret key names with console API parameter IDs
4e55de1 
- authentikDomain → endpoint (Authentik)
- auth0Domain → endpoint (Auth0)
- tenantID → tenant, clientSecret → applicationSecret (Microsoft)
- oktaDomain → domain (Okta)
- keyID/teamID → keyId/teamId (Apple)
- wellKnownEndpoint/authorizationEndpoint/tokenEndpoint/userinfoEndpoint
  → wellKnownURL/authorizationURL/tokenUrl/userInfoUrl (OIDC)
@HarshMN2345
fix: correct OAuth2 field name mismatches found from API response
838d602 
- Apple: p8 -> p8File (API field is p8File)
- GitLab: clientSecret -> secret (API field is secret)
- oauth-providers: paypalsandbox -> paypalSandbox (matches API $id)
greptile-apps[bot]
greptile-apps Bot reviewed Apr 29, 2026
View reviewed changes
Comment thread src/lib/components/organizationUsageLimits.svelte
@HarshMN2345
perf: prefetch OAuth2 provider params on page load, remove modal loader
0001eb9 
Fetch listOAuth2Providers alongside listOAuth2Providers (project) in
+page.ts using Promise.all, pass parameters as a prop to mainOAuth.
Modal now opens instantly with no spinner or async fetch.
greptile-apps[bot]
greptile-apps Bot reviewed Apr 30, 2026
View reviewed changes
Comment thread src/routes/(console)/project-[region]-[project]/auth/updateOAuth.ts Outdated
@HarshMN2345
feat: replace Apple p8 textarea with file upload zone
e7810c3 
p8File fields now show a drag-and-drop style upload zone by default.
Users can click to upload a .p8 file directly or toggle to paste mode
for manual entry. Loaded files show a confirmation state with a clear
button.
@HarshMN2345
fix-11993-oauth-provider-form-behavior
5686812
@HarshMN2345
fix-11993-oauth-modal-dirty-state
2301a00
@HarshMN2345
fix-11993-restore-oauth-helper-text
16060fb
@Meldiron
Copy link
Copy Markdown
Contributor

Meldiron commented Apr 30, 2026

@greptile

@HarshMN2345
fix: show error alert when listProjectScopes fails in scopes.svelte
05e672b 
Previously a rejected API call left allScopesList empty and mounted
stuck at false with no feedback to the user. Now catches the error,
displays an inline alert, and sets mounted in finally so the component
settles cleanly.
@HarshMN2345
fix: use example presence to infer required fields when provider is e…
2e7e3e7 
…nabled

Parameters with a non-empty example value are treated as required when
the provider is enabled. Params without an example (e.g. GitLab endpoint
for self-hosted) remain optional regardless of enabled state.
@HarshMN2345
fix: prevent scope data-loss when listProjectScopes fails
20d09f7 
mounted is now only set to true on successful load. On error, it stays
false so the $effect never fires, activeScopes stays empty, and the
parent-bound scopes prop is never overwritten with [].
@HarshMN2345 HarshMN2345 merged commit 1ea6e32 into main Apr 30, 2026
3 of 4 checks passed
@HarshMN2345 HarshMN2345 deleted the feat-11993-console-oauth2 branch April 30, 2026 14:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

@Meldiron Meldiron Meldiron approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@HarshMN2345 @Meldiron