docs: fix callback validation for third-party authentication (#14109)

* docs: fix callback validation for third-party authentication * address comment
2025-11-24 15:43:05 +02:00
parent b81f958d41
commit 22ca22a2f0
11 changed files with 272 additions and 166 deletions
--- a/www/apps/api-reference/specs/admin/openapi.full.yaml
+++ b/www/apps/api-reference/specs/admin/openapi.full.yaml
@@ -64080,6 +64080,7 @@ paths:
          label: Google Provider
          source: |-
            import Medusa from "@medusajs/js-sdk"
+            import { decodeToken } from "react-jwt"

            export const sdk = new Medusa({
              baseUrl: import.meta.env.VITE_BACKEND_URL || "/",
@@ -64089,7 +64090,7 @@ paths:
              },
            })

-            await sdk.auth.callback(
+            const token = await sdk.auth.callback(
              "user",
              "google",
              {
@@ -64097,23 +64098,33 @@ paths:
                state: "456"
              }
            )
-
            // all subsequent requests will use the token in the header
-            sdk.admin.invite.accept(
-              {
-                email: "user@gmail.com",
-                first_name: "John",
-                last_name: "Smith",
-                invite_token: "12345..."
-              },
-            )
-            .then(({ user }) => {
-              console.log(user)
-            })
+
+            const decodedToken = decodeToken(token) as { actor_id: string, user_metadata: Record<string, unknown> }
+
+            const shouldCreateUser = decodedToken.actor_id === ""
+
+            if (shouldCreateUser) {
+              const user = await sdk.admin.invite.accept(
+                {
+                  email: decodedToken.user_metadata.email as string,
+                  first_name: "John",
+                  last_name: "Smith",
+                  invite_token: "12345..."
+                },
+              )
+
+              // refresh auth token
+              await sdk.auth.refresh()
+              // all subsequent requests will use the new token in the header
+            } else {
+              // User already exists and is authenticated
+            }
        - lang: TypeScript
          label: GitHub Provider
          source: |-
            import Medusa from "@medusajs/js-sdk"
+            import { decodeToken } from "react-jwt"

            export const sdk = new Medusa({
              baseUrl: import.meta.env.VITE_BACKEND_URL || "/",
@@ -64123,27 +64134,36 @@ paths:
              },
            })

-            const authToken = await sdk.auth.callback(
+            const token = await sdk.auth.callback(
              "user",
-              "google",
+              "github",
              {
                code: "123",
                state: "456"
              }
            )
-
            // all subsequent requests will use the token in the header
-            sdk.admin.invite.accept(
-              {
-                email: "user@gmail.com",
-                first_name: "John",
-                last_name: "Smith",
-                invite_token: "12345..."
-              },
-            )
-            .then(({ user }) => {
-              console.log(user)
-            })
+
+            const decodedToken = decodeToken(token) as { actor_id: string, user_metadata: Record<string, unknown> }
+
+            const shouldCreateUser = decodedToken.actor_id === ""
+
+            if (shouldCreateUser) {
+              const user = await sdk.admin.invite.accept(
+                {
+                  email: decodedToken.user_metadata.email as string,
+                  first_name: "John",
+                  last_name: "Smith",
+                  invite_token: "12345..."
+                },
+              )
+
+              // refresh auth token
+              await sdk.auth.refresh()
+              // all subsequent requests will use the new token in the header
+            } else {
+              // User already exists and is authenticated
+            }
      tags:
        - Auth
      responses: