atinux / nuxt-auth-utils

Add Authentication to Nuxt applications with secured & sealed cookies sessions.
MIT License

feat: add bluesky as a provider #281

Open noook opened 1 week ago

noook commented 1 week ago

Resolves: https://github.com/atinux/nuxt-auth-utils/issues/267

This PR adds Bluesky as a provider.

This provider requires the user to install extra dependencies to properly handle authorization, because of the way Bluesky works.

In order to begin the authorization process, we first need to know the user handle. This is required because we need to know against which instance of Bluesky we need to verify the user. Doing all the verifications manually requires a lot of steps and adds complexity, so we use the atproto API instead.

atinux commented 1 week ago

Damn you are on 🔥

Regarding the scopes, I think we can anyway remove the duplicate because such a change on defu can have strong side effects, might be easier to do it ourselves after the merge.

Something like:

config.scopes = [...new Set(config.scopes)]

noook commented 1 week ago

I'm not sure I'm satisfied regarding the current implementation. Basically Bluesky is just a provider using atproto underneath, and we could have sooner or later another atproto provider.

I think I'm facing the same issues that come with the complexity of providing a generic OIDC provider, but with the additional build time constraints on top of that (exposing the discovery document)

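So the configuration would be split into two parts:

  • atproto -> next to oauth and webauthn configuration. Probably a boolean, so we can check that the peer dependencies are installed.
  • oauth.${atprotoProvider} -> Should implement an interface that matches the "Client ID Metadata Document" section on this document that seems to be a common base for future atproto providers

I guess the new challenge here is to provide the dynamic metadata handler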

atinux commented 1 week ago

So the configuration would be split into two parts:

  • atproto -> next to oauth and webauthn configuration. Probably a boolean, so we can check that the peer dependencies are installed.
  • oauth.${atprotoProvider} -> Should implement an interface that matches the "Client ID Metadata Document" section on this document that seems to be a common base for future atproto providers

I love this approach!
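
Added example, not part of the thread or of nuxt-auth-utils: a sketch of the kind of client metadata document the comments above refer to, built with the scope de-duplication suggested earlier in the thread and checked by a small validator for web clients. The function names, the `/client-metadata.json` and `/auth/bluesky` paths and the sample origin are hypothetical, and the field rules are assumed from the atproto OAuth specification's client metadata requirements.

```javascript
// Added example: hypothetical helpers, not nuxt-auth-utils code.
// Field rules below are assumed from the atproto OAuth client metadata spec.

// Build the document for a public web client; both paths are placeholders.
function buildClientMetadata(baseUrl, scopes, redirectPath = '/auth/bluesky') {
  const origin = new URL(baseUrl).origin
  return {
    client_id: `${origin}/client-metadata.json`, // URL the document is served from
    application_type: 'web',
    grant_types: ['authorization_code', 'refresh_token'],
    response_types: ['code'],
    redirect_uris: [`${origin}${redirectPath}`],
    // Merged config can repeat entries, so de-duplicate with a Set.
    scope: [...new Set(['atproto', ...scopes])].join(' '),
    token_endpoint_auth_method: 'none',
    dpop_bound_access_tokens: true,
  }
}

// Web clients only. Returns a list of problems; empty means these checks passed.
function validateClientMetadata(meta) {
  let id
  try { id = new URL(meta.client_id) } catch { return ['client_id is not a URL'] }
  const problems = []
  if (id.protocol !== 'https:') problems.push('client_id must use https')
  const scopes = String(meta.scope || '').split(/\s+/).filter(Boolean)
  if (!scopes.includes('atproto')) problems.push('scope must include "atproto"')
  if (new Set(scopes).size !== scopes.length) problems.push('scope has duplicates')
  if (meta.dpop_bound_access_tokens !== true) problems.push('tokens must be DPoP-bound')
  if (!(meta.response_types || []).includes('code')) problems.push('response_types needs "code"')
  if (!(meta.grant_types || []).includes('authorization_code')) {
    problems.push('grant_types needs "authorization_code"')
  }
  const uris = meta.redirect_uris || []
  if (uris.length === 0) problems.push('redirect_uris is empty')
  for (const uri of uris) {
    let origin = null
    try { origin = new URL(uri).origin } catch { /* reported below */ }
    // A web client's redirect must stay on the origin that serves the metadata.
    if (origin !== id.origin) problems.push(`redirect_uri not on client origin: ${uri}`)
  }
  return problems
}
```

Running the validator against the document actually served at the `client_id` URL catches a redirect URI or scope list that drifted from the runtime configuration before an authorization server rejects it.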

noook commented 1 week ago

With the latest commit, Bluesky provider works out of the box with 0 config 😁

Now, I need to extract the whole logic somewhere else + expose the metadata.

atinux commented 6 days ago

Please ping me when good to merge, amazing work you are doing @noook ❤️

noook commented 3 days ago

@atinux It should be good. I'm having an issue when I need to type useRuntimeConfig(event).oauth[provider]

Element implicitly has an 'any' type because expression of type 'OAuthProvider' can't be used to index type '{ github: { clientId: string; clientSecret: string; redirectURL: string; }; gitlab: { clientId: string; clientSecret: string; redirectURL: string; }; spotify: { clientId: string; clientSecret: string; redirectURL: string; }; ... 23 more ...; authentik: { ...; }; }'.

I understand the error, it makes sense, but I'm not sure how I can do this properly