Skip to content

feat(oauth): add Dribble OAuth provider#153

Merged
halvaradop merged 3 commits intomasterfrom
feat/add-dribble-aouth
Apr 23, 2026
Merged

feat(oauth): add Dribble OAuth provider#153
halvaradop merged 3 commits intomasterfrom
feat/add-dribble-aouth

Conversation

@halvaradop
Copy link
Copy Markdown
Member

@halvaradop halvaradop commented Apr 23, 2026
edited by coderabbitai Bot
Loading

Description

This pull request adds the Atlassian OAuth provider to the list of supported OAuth integrations in the Aura Auth library.
With this addition, Aura Auth now supports seven OAuth providers: GitHub, Bitbucket, Figma, Discord, GitLab, Spotify, X, Strava and Atlassian

Usage

import { createAuth } from "@aura-stack/auth"

export const auth = createAuth({
  oauth: ["dribble"],
})

export const { handlers } = auth

Summary by CodeRabbit

  • New Features

    • Added Dribble as an OAuth authentication provider, enabling users to sign in with their Dribble accounts.

  • Documentation

    • Added setup guide for Dribble authentication, covering configuration, environment variables, sign-in methods, and session retrieval.

@halvaradop halvaradop added the oauth Changes related to OAuth flows, providers, tokens, or authentication integration. label Apr 23, 2026
@vercel
Copy link
Copy Markdown
Contributor

vercel Bot commented Apr 23, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
auth Ready Ready Preview, Comment Apr 23, 2026 9:33pm

@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented Apr 23, 2026
edited
Loading

Warning

Rate limit exceeded

@halvaradop has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 39 minutes and 35 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 39 minutes and 35 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 953f9409-7987-4608-947a-d7b9c075e1d5

📥 Commits

Reviewing files that changed from the base of the PR and between 0dd0cd4 and a1300f2.

📒 Files selected for processing (3)
  • docs/src/content/docs/oauth/dribble.mdx
  • packages/core/CHANGELOG.md
  • packages/core/src/oauth/dribble.ts
📝 Walkthrough

Walkthrough

This pull request adds support for Dribble as a new OAuth provider to the Aura Stack authentication system. It includes the Dribble provider implementation with TypeScript interfaces, a provider factory configuration, documentation for setup and usage, and integration into the existing OAuth provider registry.

Changes

Cohort / File(s) Summary
Documentation
docs/src/content/docs/oauth/dribble.mdx		 New documentation page covering Dribble OAuth application registration, environment variable configuration, provider setup options, sign-in triggering methods (direct navigation, client-side, server-side), and session retrieval patterns with security callouts.
Provider Implementation
packages/core/src/oauth/dribble.ts		 New OAuth provider module defining DribbleDefault, DribbleTeams, and DribbleProfile interfaces, along with a dribble factory function that configures authorization/token endpoints, default scopes, and a profile transformation mapping Dribble fields to standardized user fields.
OAuth Registry
packages/core/src/oauth/index.ts		 Exports and registers the new Dribble provider in the builtInOAuthProviders registry, enabling it to be resolved via the BuiltInOAuthProvider type and environment configuration flow.

Possibly related PRs

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 A Dribble of code, so clean and so neat,
New OAuth flows make authentication complete!
With profiles transformed and endpoints aligned,
User sessions secured, perfectly signed~

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly and concisely describes the main change: adding Dribble OAuth provider support to the codebase.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feat/add-dribble-aouth

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai Bot reviewed Apr 23, 2026
View reviewed changes
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 4

🧹 Nitpick comments (1)
packages/core/src/oauth/dribble.ts (1)

59-64: Normalize nullable email to undefined for consistency.

DribbleProfile.email is string | null, but the UserIdentity schema treats email as optional/nullable; the existing github provider explicitly normalizes with profile.email ?? undefined. Aligning here keeps the user shape consistent across providers and avoids surprising downstream consumers that distinguish null from undefined.

♻️ Proposed change 
             return {
                 sub: String(profile.id),
                 name: profile.name,
                 image: profile.avatar_url,
-                email: profile.email,
+                email: profile.email ?? undefined,
             } as DefaultUser
🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@packages/core/src/oauth/dribble.ts` around lines 59 - 64, The returned
DefaultUser currently assigns profile.email which is DribbleProfile.email
(string | null); normalize nullable emails to undefined to match other providers
and the UserIdentity schema by replacing the raw assignment with a normalized
value (e.g., use profile.email ?? undefined) in the object returned from the
function that builds the DefaultUser (the block returning { sub:
String(profile.id), name: profile.name, image: profile.avatar_url, email: ...
}).
🤖 Prompt for all review comments with AI agents 
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@docs/src/content/docs/oauth/dribble.mdx`:
- Around line 1-4: The frontmatter description string is ungrammatical; update
the page metadata `description` in dribble.mdx (the YAML frontmatter
`description` field) to a correct sentence such as "Add Dribble authorization
provider to Aura Auth for authentication and authorization" or another concise
equivalent, preserving capitalization and punctuation.
- Around line 36-42: Replace the outdated step-by-step Dribbble OAuth
registration instructions (remove references to "Settings > Applications" and
the "Register a new application" button) with a concise note linking to
Dribbble's official developer portal (https://developer.dribbble.com/) and
specifying the required callback URL format (e.g., keep the example callback
`http://localhost:3000/auth/callback/dribble` but instruct to replace with
production domain), and update the text to state that Client ID and Client
Secret are generated and shown immediately upon registration (no separate
"Generate a new client secret" step); ensure the link and corrected phrases
replace the existing numbered steps in the Dribble OAuth doc.

In `@packages/core/src/oauth/dribble.ts`:
- Around line 57-65: Remove the debug console.log in the Dribble provider's
profile mapper so PII isn't written to stdout: in
packages/core/src/oauth/dribble.ts inside the profile: (profile) => { ... }
callback delete the line console.log("Dribble profile", profile) (or replace it
with a non-PII debug signal if you have a centralized logger), and return the
sanitized DefaultUser object exactly as constructed by sub/name/image/email in
the profile function.
- Around line 6-67: Provider and identifiers are misspelled as "Dribble" (two
b's); rename to the correct "Dribbble" (three b's) and update all references and
docs. Rename the file dribble.ts → dribbble.ts and update the exported const
name dribble → dribbble and its id/name fields (id: "dribbble", name:
"Dribbble"); rename interfaces DribbleDefault/DribbleTeams/DribbleProfile →
DribbbleDefault/DribbbleTeams/DribbbleProfile and update any usages. Update
imports/exports and registry key in oauth index (references to dribble) and
adjust docs/examples (docs/oauth/dribble.mdx) including oauth array entries,
callback paths (/auth/callback/dribbble), and generated env var prefixes
(AURA_AUTH_DRIBBBLE_CLIENT_ID/SECRET). Ensure tests/build references are updated
to the new identifiers and file name.

---

Nitpick comments:
In `@packages/core/src/oauth/dribble.ts`:
- Around line 59-64: The returned DefaultUser currently assigns profile.email
which is DribbleProfile.email (string | null); normalize nullable emails to
undefined to match other providers and the UserIdentity schema by replacing the
raw assignment with a normalized value (e.g., use profile.email ?? undefined) in
the object returned from the function that builds the DefaultUser (the block
returning { sub: String(profile.id), name: profile.name, image:
profile.avatar_url, email: ... }).
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 758aa29e-98f9-4c41-8755-b2e7620faf5e

📥 Commits

Reviewing files that changed from the base of the PR and between ad52cb8 and 0dd0cd4.

📒 Files selected for processing (3)
  • docs/src/content/docs/oauth/dribble.mdx
  • packages/core/src/oauth/dribble.ts
  • packages/core/src/oauth/index.ts

Comment thread docs/src/content/docs/oauth/dribble.mdx
Comment thread docs/src/content/docs/oauth/dribble.mdx Outdated
Comment thread packages/core/src/oauth/dribble.ts Outdated
Comment thread packages/core/src/oauth/dribble.ts
@halvaradop halvaradop merged commit bdb0f62 into master Apr 23, 2026
7 checks passed
@halvaradop halvaradop deleted the feat/add-dribble-aouth branch April 23, 2026 21:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

No one assigned

Labels

oauth Changes related to OAuth flows, providers, tokens, or authentication integration.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@halvaradop