update oauth app guides

Kang Ming
2023-07-03 13:56:54 +08:00
parent 8278242f3a
commit 6ade1332ea
3 changed files with 32 additions and 27 deletions

View File

@@ -1187,12 +1187,12 @@ export const integrations: NavMenuConstant = {
url: undefined,
items: [
{
name: 'Creating an OAuth App',
url: '/guides/integrations/oauth-apps/creating-an-oauth-app',
name: 'Publish an OAuth App',
url: '/guides/integrations/oauth-apps/publish-an-oauth-app',
},
{
name: 'Authorizing an OAuth App',
url: '/guides/integrations/oauth-apps/authorizing-an-oauth-app',
name: 'Authorize an OAuth App',
url: '/guides/integrations/oauth-apps/authorize-an-oauth-app',
},
],
},
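Review bot: The two `url` values in this menu change slug (`creating-an-oauth-app` to `publish-an-oauth-app`, `authorizing-an-oauth-app` to `authorize-an-oauth-app`), and no redirect from the old paths is visible among the three changed files. Existing bookmarks and external links to the old guide URLs would stop resolving; add redirects for both old slugs, or confirm they are handled elsewhere.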

View File

@@ -1,7 +1,7 @@
import Layout from '~/layouts/DefaultGuideLayout'
export const meta = {
id: 'authorizing-an-oauth-app',
id: 'authorize-an-oauth-app',
title: 'Authorize an OAuth App (Beta)',
description: 'Authorize an OAuth App',
}
@@ -16,23 +16,28 @@ The access token returned will grant your application full access to the [Manage
Once you've published your OAuth App on Supabase, you can use the OAuth 2.0 protocol to seek consent from Supabase users to access their organization or project.
1. Within your app's UI, redirect the user to [`https://api.supabase.io/v1/oauth/authorize`](<https://api.supabase.com/api/v1#/oauth%20(beta)/authorize>). Make sure to include all required query parameters such as:
- `client_id` A UUID uniquely identifying your OAuth app in Supabase.
- `redirect_uri` The URL where Supabase will redirect the user after providing consent.
- `scope` The value `all` as scoped access is not available at this time.
- `response_type` Only `code` is allowed at this time.
- `state` Any extra state you wish echoed back to the `redirect_uri`. Note that `redirect_uri` and `state` cannot both exceed 4kB in size.
- We strongly recommend using the PKCE flow for increased security. Generate a random value before taking the user to the authorize endpoint. This value is called code verifier. Hash it with SHA256 and include it as the `code_challenge` parameter, while setting `code_challenge_method` to `s256`. In the next step, you would need to provide the code verifier to get the first access and refresh token.
2. Once the user consents to providing API access to your OAuth App, Supabase will redirect the user to the `redirect_uri` endpoint you provided in the previous step. The URL will additionally contain these query parameters:
- `code` An authorization code you should exchange with Supabase to get the access and refresh token.
- `state` The value you provided in the previous step, to help you associate the request with the user.
1. Within your app's UI, redirect the user to [`https://api.supabase.com/v1/oauth/authorize`](<https://api.supabase.com/api/v1#/oauth%20(beta)/authorize>). Make sure to include all required query parameters such as:
- `client_id` A UUID uniquely identifying your OAuth app in Supabase.
- `redirect_uri` The URL where Supabase will redirect the user after providing consent.
- `scope` The only scope supported is `all`. Scoped access is not available at this time.
- `response_type` The value `code`.
- `state` Information about the state of your app. Note that `redirect_uri` and `state` cannot both exceed 4kB in size.
- We strongly recommend using the PKCE flow for increased security. Generate a random value before taking the user to the authorize endpoint. This value is called code verifier. Hash it with SHA256 and include it as the `code_challenge` parameter, while setting `code_challenge_method` to `s256`. In the next step, you would need to provide the code verifier to get the first access and refresh token.
2. Once the user consents to providing API access to your OAuth App, Supabase will redirect the user to the `redirect_uri` endpoint you provided in the previous step. The URL will contain these query parameters:
- `code` An authorization code you should exchange with Supabase to get the access and refresh token.
- `state` The value you provided in the previous step, to help you associate the request with the user. The `state` property returned here should be compared to the `state` you sent previously.
3. Exchange the authorization code for an access and refresh token by calling `POST https://api.supabase.com/v1/oauth/token` and including the following query parameters:
- `grant_type` The value `authorization_code`.
- `code` The authorization code.
- `client_id` The unique client ID identifying your OAuth App.
- `client_secret` The secret that authenticates your OAuth App to Supabase.
- `redirect_uri` This must be exactly the same URL used in the first step.
- If you used the PKCE flow in the first step, include the code verifier as `code_verifier`.
- `grant_type` The value `authorization_code`.
- `code` The `code` returned in the previous step.
- `client_id` The unique client ID identifying your OAuth App.
- `client_secret` The secret that authenticates your OAuth App to Supabase.
- `redirect_uri` This must be exactly the same URL used in the first step.
- If you used the PKCE flow in the first step, include the code verifier as `code_verifier`.
## Refresh an access token
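Review bot: Step 3 still tells readers to call `POST https://api.supabase.com/v1/oauth/token` "including the following query parameters", which reads as an instruction to put `client_secret`, `code` and `code_verifier` in the URL, where they end up in access logs and intermediary proxies. If the endpoint accepts them in the request body, the sentence should say so. In the PKCE bullet of step 1, "Hash it with SHA256" leaves out the base64url encoding that RFC 7636 requires for `code_challenge`, and that RFC spells the method `S256`, so `s256` should be checked against what the API accepts. Since step 2 now asks readers to compare the returned `state`, the step 1 `state` bullet should also say the value needs to be unpredictable and tied to the user's session, otherwise the comparison does not protect against CSRF.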

View File

@@ -1,18 +1,18 @@
import Layout from '~/layouts/DefaultGuideLayout'
export const meta = {
id: 'creating-an-oauth-app',
title: 'Create an OAuth App (Beta)',
description: 'Create an OAuth App',
id: 'publish-an-oauth-app',
title: 'Publish an OAuth App (Beta)',
description: 'Publish an OAuth App',
}
## Overview
This guide steps through registering an OAuth app under your organization.
This guide steps through publishing an OAuth app under your organization.
## Creating an OAuth App
## Publishing an OAuth App
1. In your organization's settings, navigate to the [**OAuth Apps**](https://app.supabase.com/org/_/apps) tab.
1. In your organization's settings, navigate to the [**OAuth Apps**](/dashboard/org/_/apps) tab.
2. In the upper-right section of the page, click **Add application**.
3. In "Application name", fill in the name of your OAuth app.
4. In "Website URL", fill in the URL of the app that's using the OAuth app.
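Review bot: In step 1 the OAuth Apps link changes from the absolute `https://app.supabase.com/org/_/apps` to the site-relative `/dashboard/org/_/apps`, which only resolves if the docs are served from the same host as the dashboard. Confirm that holds wherever these docs are deployed, or keep an absolute URL. The heading `## Publishing an OAuth App` also keeps the gerund while the title and the nav entry move to `Publish an OAuth App`; pick one form.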