diff --git a/packages/core/auth-js/src/GoTrueAdminApi.ts b/packages/core/auth-js/src/GoTrueAdminApi.ts index 00658a48e..8826fd1fc 100644 --- a/packages/core/auth-js/src/GoTrueAdminApi.ts +++ b/packages/core/auth-js/src/GoTrueAdminApi.ts @@ -23,6 +23,7 @@ import { SignOutScope, GoTrueAdminOAuthApi, CreateOAuthClientParams, + UpdateOAuthClientParams, OAuthClientResponse, OAuthClientListResponse, } from './lib/types' @@ -66,6 +67,7 @@ export default class GoTrueAdminApi { listClients: this._listOAuthClients.bind(this), createClient: this._createOAuthClient.bind(this), getClient: this._getOAuthClient.bind(this), + updateClient: this._updateOAuthClient.bind(this), deleteClient: this._deleteOAuthClient.bind(this), regenerateClientSecret: this._regenerateOAuthClientSecret.bind(this), } @@ -414,9 +416,7 @@ export default class GoTrueAdminApi { * * This function should only be called on a server. Never expose your `service_role` key in the browser. */ - private async _createOAuthClient( - params: CreateOAuthClientParams - ): Promise { + private async _createOAuthClient(params: CreateOAuthClientParams): Promise { try { return await _request(this.fetch, 'POST', `${this.url}/admin/oauth/clients`, { body: params, @@ -457,6 +457,33 @@ export default class GoTrueAdminApi { } } + /** + * Updates an existing OAuth client. + * Only relevant when the OAuth 2.1 server is enabled in Supabase Auth. + * + * This function should only be called on a server. Never expose your `service_role` key in the browser. + */ + private async _updateOAuthClient( + clientId: string, + params: UpdateOAuthClientParams + ): Promise { + try { + return await _request(this.fetch, 'PUT', `${this.url}/admin/oauth/clients/${clientId}`, { + body: params, + headers: this.headers, + xform: (client: any) => { + return { data: client, error: null } + }, + }) + } catch (error) { + if (isAuthError(error)) { + return { data: null, error } + } + + throw error + } + } + /** * Deletes an OAuth client. * Only relevant when the OAuth 2.1 server is enabled in Supabase Auth. @@ -467,15 +494,10 @@ export default class GoTrueAdminApi { clientId: string ): Promise<{ data: null; error: AuthError | null }> { try { - await _request( - this.fetch, - 'DELETE', - `${this.url}/admin/oauth/clients/${clientId}`, - { - headers: this.headers, - noResolveJson: true, - } - ) + await _request(this.fetch, 'DELETE', `${this.url}/admin/oauth/clients/${clientId}`, { + headers: this.headers, + noResolveJson: true, + }) return { data: null, error: null } } catch (error) { if (isAuthError(error)) { diff --git a/packages/core/auth-js/src/lib/types.ts b/packages/core/auth-js/src/lib/types.ts index 2bfb98d20..60c342b0e 100644 --- a/packages/core/auth-js/src/lib/types.ts +++ b/packages/core/auth-js/src/lib/types.ts @@ -1492,6 +1492,8 @@ export type OAuthClient = { registration_type: OAuthClientRegistrationType /** URI of the OAuth client */ client_uri?: string + /** URI of the OAuth client's logo */ + logo_uri?: string /** Array of allowed redirect URIs */ redirect_uris: string[] /** Array of allowed grant types */ @@ -1525,6 +1527,24 @@ export type CreateOAuthClientParams = { scope?: string } +/** + * Parameters for updating an existing OAuth client. + * All fields are optional. Only provided fields will be updated. + * Only relevant when the OAuth 2.1 server is enabled in Supabase Auth. + */ +export type UpdateOAuthClientParams = { + /** Human-readable name of the OAuth client */ + client_name?: string + /** URI of the OAuth client */ + client_uri?: string + /** URI of the OAuth client's logo */ + logo_uri?: string + /** Array of allowed redirect URIs */ + redirect_uris?: string[] + /** Array of allowed grant types */ + grant_types?: OAuthClientGrantType[] +} + /** * Response type for OAuth client operations. * Only relevant when the OAuth 2.1 server is enabled in Supabase Auth. @@ -1574,6 +1594,14 @@ export interface GoTrueAdminOAuthApi { */ getClient(clientId: string): Promise + /** + * Updates an existing OAuth client. + * Only relevant when the OAuth 2.1 server is enabled in Supabase Auth. + * + * This function should only be called on a server. Never expose your `service_role` key in the browser. + */ + updateClient(clientId: string, params: UpdateOAuthClientParams): Promise + /** * Deletes an OAuth client. * Only relevant when the OAuth 2.1 server is enabled in Supabase Auth.