fix: Check actor type on account creation, fix github entity id (#8996)

packages/core/js-sdk/src/auth/index.ts

@@ -59,7 +59,7 @@ export class Auth {
       this.client.setToken(token as string)
     }
 
-    return token
+    return token as string
   }
 
   // The callback expects all query parameters from the Oauth callback to be passed to the backend, and the provider is in charge of parsing and validating them

packages/framework/framework/src/http/middlewares/authenticate-middleware.ts

@@ -87,7 +87,12 @@ export const authenticate = (
     }
 
     // If the entity is authenticated, but there is no registered actor yet, we can continue (eg. in the case of a user invite) if allow unregistered is set
-    if (authContext?.auth_identity_id && options.allowUnregistered) {
+    // We also don't want to allow creating eg. a customer with a token created for a `user` provider.
+    if (
+      authContext?.auth_identity_id &&
+      options.allowUnregistered &&
+      actorTypes.includes(authContext?.actor_type)
+    ) {
       req_.auth_context = authContext
       return next()
     }

packages/modules/providers/auth-github/src/services/github.ts

@@ -148,7 +148,7 @@ export class GithubAuthService extends AbstractAuthModuleProvider {
       },
     }).then((r) => r.json())
 
-    const entity_id = user.id
+    const entity_id = user.id.toString()
     const userMetadata = {
       profile_url: user.url,
       avatar: user.avatar_url,