Files
supabase/apps/studio/data/api-keys/api-keys-query.ts
Terry Sutton 32b5d8c244 feat: enable Self-Service Single Sign-On (SSO) for orgs (#36732)
* Start

* Add join org logic

* Regenerate the API types and add RQ hooks.

* Various fixes to the UI for SSO config.

* Refactor the components to use RHF.

* Fix the loading/error states in the main file.

* fix: minor changes to SSO UI

* Expanded default attribute mapping preset for `Okta` to include `user_name`, `first_name`, and `last_name` to match our docs.
* Normalized role casing in the "Join Organization on Signup" dropdown to match the roles expected by the backend (`Owner`, `Administrator`, `Developer`).
* Added the role (`Read-only`) to the selectable roles for auto-join.
* Call update mutation when an `ssoConfig` has been retrieved.
* Treats `404` as a valid "create" flow state rather than an error.
* Conditionally renders the SSO config form when config is successfully loaded *or* when the provider is not found, allowing users to onboard from scratch and disable the provider.

* chore: prettier

* feat: add a button linking to SSO setup docs

* Revert "feat: add a button linking to SSO setup docs"

This will be included in a separate docs pr.

This reverts commit 0b616fdd2e.

* General clean up

* Nit copy

* Add empty state for SSO

* Smol change

* One last tweak

---------

Co-authored-by: Chris Stockton <180184+cstockton@users.noreply.github.com>
Co-authored-by: Ivan Vasilov <vasilov.ivan@gmail.com>
Co-authored-by: Chris Stockton <chris.stockton@supabase.io>
Co-authored-by: Joshen Lim <joshenlimek@gmail.com>
2025-08-05 17:03:30 -07:00

95 lines
2.5 KiB
TypeScript

import { useQuery, UseQueryOptions } from '@tanstack/react-query'
import { get, handleError } from 'data/fetchers'
import { ResponseError } from 'types'
import { apiKeysKeys } from './keys'
type LegacyKeys = {
api_key: string
description?: string | null
hash?: string | null
id?: string | null
inserted_at?: string | null
name: string
prefix?: string | null
secret_jwt_template?: { role: string } | null
type: 'legacy' | null
updated_at?: string | null
}
type SecretKeys = {
api_key: string
description?: string
hash: string
id: string
inserted_at: string
name: string
prefix: string
secret_jwt_template: { role: string }
type: 'secret'
updated_at?: string
}
type PublishableKeys = {
api_key: string
description?: string
hash?: string
id: string
inserted_at: string
name: string
prefix?: string
secret_jwt_template?: { role: string } | null
type: 'publishable'
updated_at?: string
}
interface APIKeysVariables {
projectRef?: string
reveal?: boolean
}
type APIKey = LegacyKeys | SecretKeys | PublishableKeys
async function getAPIKeys({ projectRef, reveal }: APIKeysVariables, signal?: AbortSignal) {
if (!projectRef) throw new Error('projectRef is required')
const { data, error } = await get(`/v1/projects/{ref}/api-keys`, {
params: { path: { ref: projectRef }, query: { reveal } },
signal,
})
if (error) handleError(error)
// [Jonny]: Overriding the types here since some stuff is not actually nullable or optional
return data as unknown as APIKey[]
}
export type APIKeysData = Awaited<ReturnType<typeof getAPIKeys>>
export const useAPIKeysQuery = <TData = APIKeysData>(
{ projectRef, reveal = false }: APIKeysVariables,
{ enabled = true, ...options }: UseQueryOptions<APIKeysData, ResponseError, TData> = {}
) => {
return useQuery<APIKeysData, ResponseError, TData>(
apiKeysKeys.list(projectRef, reveal),
({ signal }) => getAPIKeys({ projectRef, reveal }, signal),
{
enabled: enabled && typeof projectRef !== 'undefined',
...options,
}
)
}
export const getKeys = (apiKeys: APIKey[] = []) => {
const anonKey = apiKeys.find((x) => x.name === 'anon')
const serviceKey = apiKeys.find((x) => x.name === 'service_role')
// [Joshen] For now I just want 1 of each, I don't need all
const publishableKey = apiKeys.find((x) => x.type === 'publishable')
const secretKey = apiKeys.find((x) => x.type === 'secret')
const allSecretKeys = apiKeys.filter((x) => x.type === 'secret')
return { anonKey, serviceKey, publishableKey, secretKey, allSecretKeys }
}