docs: fix callback validation for third-party authentication (#14109)

* docs: fix callback validation for third-party authentication

* address comment
Shahed Nasser
2025-11-24 15:43:05 +02:00
committed by GitHub
parent b81f958d41
commit 22ca22a2f0
11 changed files with 272 additions and 166 deletions


@@ -1,4 +1,5 @@
import Medusa from "@medusajs/js-sdk"
import { decodeToken } from "react-jwt"
export const sdk = new Medusa({
baseUrl: import.meta.env.VITE_BACKEND_URL || "/",
@@ -8,7 +9,7 @@ export const sdk = new Medusa({
},
})
await sdk.auth.callback(
const token = await sdk.auth.callback(
"user",
"google",
{
@@ -16,16 +17,25 @@ await sdk.auth.callback(
state: "456"
}
)
// all subsequent requests will use the token in the header
sdk.admin.invite.accept(
{
email: "user@gmail.com",
first_name: "John",
last_name: "Smith",
invite_token: "12345..."
},
)
.then(({ user }) => {
console.log(user)
})
const decodedToken = decodeToken(token) as { actor_id: string, user_metadata: Record<string, unknown> }
const shouldCreateUser = decodedToken.actor_id === ""
if (shouldCreateUser) {
const user = await sdk.admin.invite.accept(
{
email: decodedToken.user_metadata.email as string,
first_name: "John",
last_name: "Smith",
invite_token: "12345..."
},
)
// refresh auth token
await sdk.auth.refresh()
// all subsequent requests will use the new token in the header
} else {
// User already exists and is authenticated
}
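Review bot: `decodeToken(token) as { actor_id: string, ... }` hides that react-jwt's `decodeToken` returns `null` for a token it cannot parse, so the `decodedToken.actor_id === ""` line would throw instead of failing in a controlled way. A guard before the comparison covers it: `if (!decodedToken) { throw new Error("Invalid auth token") }`. Because `decodeToken` only decodes the payload and checks no signature, a comment such as `// decoded client-side for flow control only; the backend must still validate the token` would stop readers from treating `actor_id` as an authorization decision. Separately, `const user = await sdk.admin.invite.accept(...)` now binds the whole response, where the removed code destructured `{ user }`. The same lines recur in the GitHub admin snippet and in both admin `source:` blocks of the OpenAPI spec.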


@@ -1,4 +1,5 @@
import Medusa from "@medusajs/js-sdk"
import { decodeToken } from "react-jwt"
export const sdk = new Medusa({
baseUrl: import.meta.env.VITE_BACKEND_URL || "/",
@@ -8,24 +9,33 @@ export const sdk = new Medusa({
},
})
const authToken = await sdk.auth.callback(
const token = await sdk.auth.callback(
"user",
"google",
"github",
{
code: "123",
state: "456"
}
)
// all subsequent requests will use the token in the header
sdk.admin.invite.accept(
{
email: "user@gmail.com",
first_name: "John",
last_name: "Smith",
invite_token: "12345..."
},
)
.then(({ user }) => {
console.log(user)
})
const decodedToken = decodeToken(token) as { actor_id: string, user_metadata: Record<string, unknown> }
const shouldCreateUser = decodedToken.actor_id === ""
if (shouldCreateUser) {
const user = await sdk.admin.invite.accept(
{
email: decodedToken.user_metadata.email as string,
first_name: "John",
last_name: "Smith",
invite_token: "12345..."
},
)
// refresh auth token
await sdk.auth.refresh()
// all subsequent requests will use the new token in the header
} else {
// User already exists and is authenticated
}


@@ -64080,6 +64080,7 @@ paths:
label: Google Provider
source: |-
import Medusa from "@medusajs/js-sdk"
import { decodeToken } from "react-jwt"
export const sdk = new Medusa({
baseUrl: import.meta.env.VITE_BACKEND_URL || "/",
@@ -64089,7 +64090,7 @@ paths:
},
})
await sdk.auth.callback(
const token = await sdk.auth.callback(
"user",
"google",
{
@@ -64097,23 +64098,33 @@ paths:
state: "456"
}
)
// all subsequent requests will use the token in the header
sdk.admin.invite.accept(
{
email: "user@gmail.com",
first_name: "John",
last_name: "Smith",
invite_token: "12345..."
},
)
.then(({ user }) => {
console.log(user)
})
const decodedToken = decodeToken(token) as { actor_id: string, user_metadata: Record<string, unknown> }
const shouldCreateUser = decodedToken.actor_id === ""
if (shouldCreateUser) {
const user = await sdk.admin.invite.accept(
{
email: decodedToken.user_metadata.email as string,
first_name: "John",
last_name: "Smith",
invite_token: "12345..."
},
)
// refresh auth token
await sdk.auth.refresh()
// all subsequent requests will use the new token in the header
} else {
// User already exists and is authenticated
}
- lang: TypeScript
label: GitHub Provider
source: |-
import Medusa from "@medusajs/js-sdk"
import { decodeToken } from "react-jwt"
export const sdk = new Medusa({
baseUrl: import.meta.env.VITE_BACKEND_URL || "/",
@@ -64123,27 +64134,36 @@ paths:
},
})
const authToken = await sdk.auth.callback(
const token = await sdk.auth.callback(
"user",
"google",
"github",
{
code: "123",
state: "456"
}
)
// all subsequent requests will use the token in the header
sdk.admin.invite.accept(
{
email: "user@gmail.com",
first_name: "John",
last_name: "Smith",
invite_token: "12345..."
},
)
.then(({ user }) => {
console.log(user)
})
const decodedToken = decodeToken(token) as { actor_id: string, user_metadata: Record<string, unknown> }
const shouldCreateUser = decodedToken.actor_id === ""
if (shouldCreateUser) {
const user = await sdk.admin.invite.accept(
{
email: decodedToken.user_metadata.email as string,
first_name: "John",
last_name: "Smith",
invite_token: "12345..."
},
)
// refresh auth token
await sdk.auth.refresh()
// all subsequent requests will use the new token in the header
} else {
// User already exists and is authenticated
}
tags:
- Auth
responses:


@@ -1,4 +1,5 @@
import Medusa from "@medusajs/js-sdk"
import { decodeToken } from "react-jwt"
let MEDUSA_BACKEND_URL = "http://localhost:9000"
@@ -12,7 +13,7 @@ export const sdk = new Medusa({
publishableKey: process.env.NEXT_PUBLIC_MEDUSA_PUBLISHABLE_KEY,
})
await sdk.auth.callback(
const token = await sdk.auth.callback(
"customer",
"google",
{
@@ -20,9 +21,20 @@ await sdk.auth.callback(
state: "456"
}
)
// all subsequent requests will use the token in the header
const { customer } = await sdk.store.customer.create({
email: "customer@gmail.com",
password: "supersecret"
})
const decodedToken = decodeToken(token) as { actor_id: string, user_metadata: Record<string, unknown> }
const shouldCreateCustomer = decodedToken.actor_id === ""
if (shouldCreateCustomer) {
const { customer } = await sdk.store.customer.create({
email: decodedToken.user_metadata.email as string,
})
// refresh auth token
await sdk.auth.refresh()
// all subsequent requests will use the new token in the header
} else {
// Customer already exists and is authenticated
}
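Review bot: `email: decodedToken.user_metadata.email as string` asserts a type that `Record<string, unknown>` does not guarantee, so a token without an email claim would pass `undefined` to `sdk.store.customer.create`. Whether every provider always supplies an email is not visible on this page, so narrowing first is the safer example: `const email = decodedToken.user_metadata.email` followed by `if (typeof email !== "string") { throw new Error("No email in auth token") }`. The same cast appears in the GitHub customer snippet, the two store OpenAPI `source:` blocks, and the admin `invite.accept` calls.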


@@ -1,4 +1,5 @@
import Medusa from "@medusajs/js-sdk"
import { decodeToken } from "react-jwt"
let MEDUSA_BACKEND_URL = "http://localhost:9000"
@@ -12,7 +13,7 @@ export const sdk = new Medusa({
publishableKey: process.env.NEXT_PUBLIC_MEDUSA_PUBLISHABLE_KEY,
})
await sdk.auth.callback(
const token = await sdk.auth.callback(
"customer",
"github",
{
@@ -20,9 +21,20 @@ await sdk.auth.callback(
state: "456"
}
)
// all subsequent requests will use the token in the header
const { customer } = await sdk.store.customer.create({
email: "customer@gmail.com",
password: "supersecret"
})
const decodedToken = decodeToken(token) as { actor_id: string, user_metadata: Record<string, unknown> }
const shouldCreateCustomer = decodedToken.actor_id === ""
if (shouldCreateCustomer) {
const { customer } = await sdk.store.customer.create({
email: decodedToken.user_metadata.email as string,
})
// refresh auth token
await sdk.auth.refresh()
// all subsequent requests will use the new token in the header
} else {
// Customer already exists and is authenticated
}


@@ -290,6 +290,7 @@ paths:
label: Google Provider
source: |-
import Medusa from "@medusajs/js-sdk"
import { decodeToken } from "react-jwt"
let MEDUSA_BACKEND_URL = "http://localhost:9000"
@@ -303,7 +304,7 @@ paths:
publishableKey: process.env.NEXT_PUBLIC_MEDUSA_PUBLISHABLE_KEY,
})
await sdk.auth.callback(
const token = await sdk.auth.callback(
"customer",
"google",
{
@@ -311,16 +312,28 @@ paths:
state: "456"
}
)
// all subsequent requests will use the token in the header
const { customer } = await sdk.store.customer.create({
email: "customer@gmail.com",
password: "supersecret"
})
const decodedToken = decodeToken(token) as { actor_id: string, user_metadata: Record<string, unknown> }
const shouldCreateCustomer = decodedToken.actor_id === ""
if (shouldCreateCustomer) {
const { customer } = await sdk.store.customer.create({
email: decodedToken.user_metadata.email as string,
})
// refresh auth token
await sdk.auth.refresh()
// all subsequent requests will use the new token in the header
} else {
// Customer already exists and is authenticated
}
- lang: TypeScript
label: GitHub Provider
source: |-
import Medusa from "@medusajs/js-sdk"
import { decodeToken } from "react-jwt"
let MEDUSA_BACKEND_URL = "http://localhost:9000"
@@ -334,7 +347,7 @@ paths:
publishableKey: process.env.NEXT_PUBLIC_MEDUSA_PUBLISHABLE_KEY,
})
await sdk.auth.callback(
const token = await sdk.auth.callback(
"customer",
"github",
{
@@ -342,12 +355,23 @@ paths:
state: "456"
}
)
// all subsequent requests will use the token in the header
const { customer } = await sdk.store.customer.create({
email: "customer@gmail.com",
password: "supersecret"
})
const decodedToken = decodeToken(token) as { actor_id: string, user_metadata: Record<string, unknown> }
const shouldCreateCustomer = decodedToken.actor_id === ""
if (shouldCreateCustomer) {
const { customer } = await sdk.store.customer.create({
email: decodedToken.user_metadata.email as string,
})
// refresh auth token
await sdk.auth.refresh()
// all subsequent requests will use the new token in the header
} else {
// Customer already exists and is authenticated
}
tags:
- Auth
responses: