Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Supabase CLI - Docker Auth Config: Add OAuth Settings #739

Closed
dthyresson opened this issue May 5, 2021 · 3 comments
Closed

Supabase CLI - Docker Auth Config: Add OAuth Settings #739

dthyresson opened this issue May 5, 2021 · 3 comments
Labels
enhancement New feature or request

Comments

@dthyresson
Copy link

dthyresson commented May 5, 2021
edited
Loading

Feature request

Easily configure Supabase with OAuth config environment settings to enable GitHub and other third-party auth in local development.

Is your feature request related to a problem? Please describe.

While the docker-compose.yml included

        GOTRUE_JWT_SECRET: super-secret-jwt-token-with-at-least-32-characters-long
        GOTRUE_JWT_EXP: 3600
        GOTRUE_JWT_DEFAULT_GROUP_NAME: authenticated

Did not immediately know what the envars would be needed to configure GitHub or other OAuth providers.

Describe the solution you'd like

For each: azure, bitbucket, github, gitlab, facebook, and google

GOTRUE_EXTERNAL_GITHUB_ENABLED=true
GOTRUE_EXTERNAL_GITHUB_CLIENT_ID=myappclientid
GOTRUE_EXTERNAL_GITHUB_SECRET=clientsecretvaluessssh

also may need redirect and urls:

EXTERNAL_X_ENABLED - bool

Whether this external provider is enabled or not

EXTERNAL_X_CLIENT_ID - string required

The OAuth2 Client ID registered with the external provider.

EXTERNAL_X_SECRET - string required

The OAuth2 Client Secret provided by the external provider when you registered.

EXTERNAL_X_REDIRECT_URI - string required

The URI a OAuth2 provider will redirect to with the code and state values.

EXTERNAL_X_URL - string

But for all providers, but perhaps commented out or all disables and envars empty.

  • Include a cli option on init to declare a provider/list of providers to setup (but then how to you set up additional after one was setup?)

Additional context

https://github.com/supabase/supabase/blob/766d3c0c9107fb553210dcc02880e2d6a9291fc3/docker/docker-compose.yml#L27

Seems like best option might be to include all by default, just not enabled in the docker-compose so can configure easily when/if needed in future.
@dthyresson dthyresson added the enhancement New feature or request label May 5, 2021
@kiwicopple
Copy link
Member

👍👍👍

Seems like best option might be to include all by default, just not enabled in the docker-compose so can configure easily when/if needed in future.

Yeah good one. We could keep the secrets separate like @firstdorsal is doing in this PR: supabase/supabase#1429

@dthyresson
Copy link
Author

We could keep the secrets separate like @firstdorsal is doing in this PR: supabase/supabase#1429

GOTRUE_JWT_SECRET: $AUTH_GOTRUE_JWT_SECRET

I'd like that since then I could feel safe committing my .ymls to a public GitHub repo, if I ever needed to.

@sweatybridge sweatybridge transferred this issue from supabase/supabase Dec 23, 2022
@sweatybridge
Copy link
Contributor

We are supporting oauth settings via config.toml now

cli/internal/utils/templates/init_config.toml

Line 64 in a302107

[auth.external.apple]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@dthyresson @sweatybridge @J0 @kiwicopple