@grdsdev grdsdev commented Oct 2, 2025

Summary

This PR adds OAuth 2.1 client administration endpoints to the gotrue package, porting the feature from supabase-js#1582.

The new admin.oauth namespace provides comprehensive OAuth client management capabilities for server-side use with service role keys.

Changes

New API Methods

  • admin.oauth.listClients() - List all OAuth clients with optional pagination
  • admin.oauth.createClient() - Register a new OAuth client
  • admin.oauth.getClient() - Get client details by ID
  • admin.oauth.deleteClient() - Remove an OAuth client
  • admin.oauth.regenerateClientSecret() - Regenerate client secret

New Types

  • OAuthClientGrantType - Grant types enum (authorization_code, refresh_token)
  • OAuthClientResponseType - Response types enum (code)
  • OAuthClientType - Client type enum (public, confidential)
  • OAuthClientRegistrationType - Registration type enum (dynamic, manual)
  • OAuthClient - OAuth client model
  • CreateOAuthClientParams - Parameters for creating OAuth clients
  • OAuthClientResponse - Response wrapper for single client operations
  • OAuthClientListResponse - Response wrapper for list operations

Implementation Details

  • Added GoTrueAdminOAuthApi class following the pattern of GoTrueAdminMFAApi
  • All methods require service_role key and should only be called server-side
  • Proper UUID validation for client IDs
  • Comprehensive test coverage

Usage Example

// Create a new OAuth client
final params = CreateOAuthClientParams(
  clientName: 'My Application',
  redirectUris: ['https://myapp.com/callback'],
  clientUri: 'https://myapp.com',
  scope: 'openid profile email',
);

final response = await supabase.auth.admin.oauth.createClient(params);
final clientId = response.client?.clientId;
final clientSecret = response.client?.clientSecret;

// List all OAuth clients
final clients = await supabase.auth.admin.oauth.listClients();

// Get client by ID
final client = await supabase.auth.admin.oauth.getClient(clientId);

// Regenerate client secret
final updated = await supabase.auth.admin.oauth.regenerateClientSecret(clientId);

// Delete client
await supabase.auth.admin.oauth.deleteClient(clientId);

Notes

  • Only relevant when the OAuth 2.1 server is enabled in Supabase Auth
  • All methods must be called with service_role key
  • Never expose service_role key in client-side code

Test Plan

  • Added comprehensive unit tests for all OAuth admin methods
  • Tests cover create, list, get, delete, and regenerate operations
  • Input validation tests for UUID parameters
  • Code passes dart analyze with no issues
  • Code formatted with dart format

Related

Ported from: supabase/supabase-js#1582

🤖 Generated with Claude Code

Add support for OAuth 2.1 client administration endpoints in the gotrue package. This feature allows server-side management of OAuth clients through the admin API.

New functionality:
- admin.oauth.listClients(): List OAuth clients with pagination
- admin.oauth.createClient(): Register new OAuth client
- admin.oauth.getClient(): Get client details by ID
- admin.oauth.deleteClient(): Remove OAuth client
- admin.oauth.regenerateClientSecret(): Regenerate client secret

Only relevant when OAuth 2.1 server is enabled in Supabase Auth. All methods require service_role key and should only be called server-side.

Ported from: supabase/supabase-js#1582

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
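
The PR lists UUID validation for client IDs among its implementation details. The Dart example below is added here and is not code from this PR or the gotrue package. It shows why that check matters when an ID is interpolated into an admin request path that will be sent with the service_role key. The path prefix, the function name `clientPath` and the sample IDs are assumptions made for illustration.

```dart
// Added example, not code from the PR. The path prefix is a hypothetical
// placeholder, not necessarily the endpoint the package calls.
const _adminClientsPath = '/admin/oauth/clients'; // assumption

// Canonical 8-4-4-4-12 hex form only. Anchored at both ends, so no
// character (slash, query, newline) may precede or follow the UUID.
final _uuid = RegExp(
  r'^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$',
);

/// Returns the request path for [clientId], or throws before any request
/// carrying the service_role key could be built.
String clientPath(String clientId) {
  if (!_uuid.hasMatch(clientId)) {
    throw ArgumentError.value(clientId, 'clientId', 'not a valid UUID');
  }
  return '$_adminClientsPath/${clientId.toLowerCase()}';
}

void main() {
  // Constructed inputs: one well-formed ID, and several values that would
  // change the request target if they were interpolated unchecked.
  const samples = [
    '3f2b8c1e-9a4d-4e7b-8c21-5d6f7a8b9c0d',
    '../users',
    '3f2b8c1e-9a4d-4e7b-8c21-5d6f7a8b9c0d/../../users',
    '3f2b8c1e-9a4d-4e7b-8c21-5d6f7a8b9c0d?x=1',
    '3f2b8c1e-9a4d-4e7b-8c21-5d6f7a8b9c0d\n',
    '',
  ];
  for (final id in samples) {
    try {
      print('ok       ${clientPath(id)}');
    } on ArgumentError catch (e) {
      // Percent-encode the rejected value so control characters cannot
      // forge or split log lines.
      print('rejected ${e.message}: ${Uri.encodeComponent(id)}');
    }
  }
}
```

Only the first sample produces a path; every other value is rejected before a request could be built.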