Revamp auth module to support multiple providers linked to a single auth identity (#7521)

2024-06-05 09:47:16 +02:00
parent 20cd6a7b51
commit fafc92b875
23 changed files with 640 additions and 216 deletions
--- a/packages/modules/auth/src/migrations/.snapshot-medusa-auth.json
+++ b/packages/modules/auth/src/migrations/.snapshot-medusa-auth.json
@@ -1,7 +1,68 @@
 {
-  "namespaces": ["public"],
+  "namespaces": [
+    "public"
+  ],
  "name": "public",
  "tables": [
+    {
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "text",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": false,
+          "mappedType": "text"
+        },
+        "app_metadata": {
+          "name": "app_metadata",
+          "type": "jsonb",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": true,
+          "mappedType": "json"
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamptz",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": false,
+          "length": 6,
+          "default": "now()",
+          "mappedType": "datetime"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamptz",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": false,
+          "length": 6,
+          "default": "now()",
+          "mappedType": "datetime"
+        }
+      },
+      "name": "auth_identity",
+      "schema": "public",
+      "indexes": [
+        {
+          "keyName": "auth_identity_pkey",
+          "columnNames": [
+            "id"
+          ],
+          "composite": false,
+          "primary": true,
+          "unique": true
+        }
+      ],
+      "checks": [],
+      "foreignKeys": {}
+    },
    {
      "columns": {
        "id": {
@@ -31,6 +92,15 @@
          "nullable": false,
          "mappedType": "text"
        },
+        "auth_identity_id": {
+          "name": "auth_identity_id",
+          "type": "text",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": false,
+          "mappedType": "text"
+        },
        "user_metadata": {
          "name": "user_metadata",
          "type": "jsonb",
@@ -40,15 +110,6 @@
          "nullable": true,
          "mappedType": "json"
        },
-        "app_metadata": {
-          "name": "app_metadata",
-          "type": "jsonb",
-          "unsigned": false,
-          "autoincrement": false,
-          "primary": false,
-          "nullable": false,
-          "mappedType": "json"
-        },
        "provider_metadata": {
          "name": "provider_metadata",
          "type": "jsonb",
@@ -57,28 +118,75 @@
          "primary": false,
          "nullable": true,
          "mappedType": "json"
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamptz",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": false,
+          "length": 6,
+          "default": "now()",
+          "mappedType": "datetime"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamptz",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": false,
+          "length": 6,
+          "default": "now()",
+          "mappedType": "datetime"
        }
      },
-      "name": "auth_identity",
+      "name": "provider_identity",
      "schema": "public",
      "indexes": [
        {
-          "keyName": "IDX_auth_identity_provider_entity_id",
-          "columnNames": ["provider", "entity_id"],
-          "composite": true,
+          "keyName": "IDX_provider_identity_auth_identity_id",
+          "columnNames": [],
+          "composite": false,
          "primary": false,
-          "unique": true
+          "unique": false,
+          "expression": "CREATE INDEX IF NOT EXISTS \"IDX_provider_identity_auth_identity_id\" ON \"provider_identity\" (auth_identity_id)"
        },
        {
-          "keyName": "auth_identity_pkey",
-          "columnNames": ["id"],
+          "keyName": "IDX_provider_identity_provider_entity_id",
+          "columnNames": [],
+          "composite": false,
+          "primary": false,
+          "unique": false,
+          "expression": "CREATE UNIQUE INDEX IF NOT EXISTS \"IDX_provider_identity_provider_entity_id\" ON \"provider_identity\" (entity_id, provider)"
+        },
+        {
+          "keyName": "provider_identity_pkey",
+          "columnNames": [
+            "id"
+          ],
          "composite": false,
          "primary": true,
          "unique": true
        }
      ],
      "checks": [],
-      "foreignKeys": {}
+      "foreignKeys": {
+        "provider_identity_auth_identity_id_foreign": {
+          "constraintName": "provider_identity_auth_identity_id_foreign",
+          "columnNames": [
+            "auth_identity_id"
+          ],
+          "localTableName": "public.provider_identity",
+          "referencedColumnNames": [
+            "id"
+          ],
+          "referencedTableName": "public.auth_identity",
+          "deleteRule": "cascade",
+          "updateRule": "cascade"
+        }
+      }
    }
  ]
 }
--- a/packages/modules/auth/src/migrations/Migration20240205025928.ts
+++ b/packages/modules/auth/src/migrations/Migration20240205025928.ts
@@ -5,6 +5,9 @@ export class Migration20240205025928 extends Migration {
    this.addSql(
      'create table if not exists "auth_identity" ("id" text not null, "entity_id" text not null, "provider" text not null, "user_metadata" jsonb null, "app_metadata" jsonb null, "provider_metadata" jsonb null, constraint "auth_identity_pkey" primary key ("id"));'
    )
+    this.addSql(
+      'alter table "auth_identity" drop constraint if exists "IDX_auth_identity_provider_entity_id"'
+    )
    this.addSql(
      'alter table "auth_identity" add constraint "IDX_auth_identity_provider_entity_id" unique ("provider", "entity_id");'
    )
--- a/packages/modules/auth/src/migrations/Migration20240529080336.ts
+++ b/packages/modules/auth/src/migrations/Migration20240529080336.ts
@@ -0,0 +1,30 @@
+import { Migration } from '@mikro-orm/migrations';
+
+export class Migration20240529080336 extends Migration {
+
+  async up(): Promise<void> {
+    this.addSql('create table if not exists "provider_identity" ("id" text not null, "entity_id" text not null, "provider" text not null, "auth_identity_id" text not null, "user_metadata" jsonb null, "provider_metadata" jsonb null, "created_at" timestamptz not null default now(), "updated_at" timestamptz not null default now(), constraint "provider_identity_pkey" primary key ("id"));');
+    this.addSql('CREATE INDEX IF NOT EXISTS "IDX_provider_identity_auth_identity_id" ON "provider_identity" (auth_identity_id);');
+    this.addSql('CREATE UNIQUE INDEX IF NOT EXISTS "IDX_provider_identity_provider_entity_id" ON "provider_identity" (entity_id, provider);');
+
+    this.addSql('alter table if exists "provider_identity" add constraint "provider_identity_auth_identity_id_foreign" foreign key ("auth_identity_id") references "auth_identity" ("id") on update cascade on delete cascade;');
+
+    this.addSql('alter table if exists "auth_identity" add column if not exists "created_at" timestamptz not null default now(), add column "updated_at" timestamptz not null default now();');
+
+    this.addSql('alter table if exists "auth_identity" drop constraint if exists "IDX_auth_identity_provider_entity_id";');
+    this.addSql('alter table if exists "auth_identity" drop column if exists "entity_id";');
+    this.addSql('alter table if exists "auth_identity" drop column if exists "provider";');
+    this.addSql('alter table if exists "auth_identity" drop column if exists "user_metadata";');
+    this.addSql('alter table if exists "auth_identity" drop column if exists "provider_metadata";');
+  }
+
+  async down(): Promise<void> {
+    this.addSql('drop table if exists "provider_identity" cascade;');
+
+    this.addSql('alter table if exists "auth_identity" add column if not exists "entity_id" text not null, add column "provider" text not null, add column "user_metadata" jsonb null, add column "provider_metadata" jsonb null;');
+    this.addSql('alter table if exists "auth_identity" alter column if exists "app_metadata" type jsonb using ("app_metadata"::jsonb);');
+    this.addSql('alter table if exists "auth_identity" alter column if exists "app_metadata" set not null;');
+    this.addSql('alter table if exists "auth_identity" add constraint "IDX_auth_identity_provider_entity_id" unique ("provider", "entity_id");');
+  }
+
+}
--- a/packages/modules/auth/src/models/auth-identity.ts
+++ b/packages/modules/auth/src/models/auth-identity.ts
@@ -1,50 +1,45 @@
 import {
  BeforeCreate,
+  Collection,
  Entity,
  OnInit,
-  OptionalProps,
+  OneToMany,
  PrimaryKey,
  Property,
-  Unique,
 } from "@mikro-orm/core"

 import { generateEntityId } from "@medusajs/utils"
-
-type OptionalFields = "provider_metadata" | "app_metadata" | "user_metadata"
+import ProviderIdentity from "./provider-identity"

@Entity()
-@Unique({
-  properties: ["provider", "entity_id"],
-  name: "IDX_auth_identity_provider_entity_id",
-})
 export default class AuthIdentity {
-  [OptionalProps]: OptionalFields
-
  @PrimaryKey({ columnType: "text" })
  id!: string

-  @Property({ columnType: "text" })
-  entity_id: string
-
-  @Property({ columnType: "text" })
-  provider: string
-
-  @Property({ columnType: "jsonb", nullable: true })
-  user_metadata: Record<string, unknown> | null
+  @OneToMany(() => ProviderIdentity, (o) => o.auth_identity)
+  provider_identities = new Collection<ProviderIdentity>(this)

  @Property({ columnType: "jsonb", nullable: true })
  app_metadata: Record<string, unknown> | null

-  @Property({ columnType: "jsonb", nullable: true })
-  provider_metadata: Record<string, unknown> | null = null
+  @Property({
+    onCreate: () => new Date(),
+    columnType: "timestamptz",
+    defaultRaw: "now()",
+  })
+  created_at: Date
+
+  @Property({
+    onCreate: () => new Date(),
+    onUpdate: () => new Date(),
+    columnType: "timestamptz",
+    defaultRaw: "now()",
+  })
+  updated_at: Date

  @BeforeCreate()
+  @OnInit()
  onCreate() {
    this.id = generateEntityId(this.id, "authid")
  }
-
-  @OnInit()
-  onInit() {
-    this.id = generateEntityId(this.id, "authid")
-  }
 }
--- a/packages/modules/auth/src/models/index.ts
+++ b/packages/modules/auth/src/models/index.ts
@@ -1 +1,2 @@
 export { default as AuthIdentity } from "./auth-identity"
+export { default as ProviderIdentity } from "./provider-identity"
--- a/packages/modules/auth/src/models/provider-identity.ts
+++ b/packages/modules/auth/src/models/provider-identity.ts
@@ -0,0 +1,84 @@
+import {
+  BeforeCreate,
+  Entity,
+  ManyToOne,
+  OnInit,
+  PrimaryKey,
+  Property,
+} from "@mikro-orm/core"
+
+import {
+  createPsqlIndexStatementHelper,
+  generateEntityId,
+} from "@medusajs/utils"
+import AuthIdentity from "./auth-identity"
+
+const providerEntityIdIndexName = "IDX_provider_identity_provider_entity_id"
+const providerEntityIdIndexStatement = createPsqlIndexStatementHelper({
+  name: providerEntityIdIndexName,
+  tableName: "provider_identity",
+  columns: ["entity_id", "provider"],
+  unique: true,
+})
+
+const authIdentityIndexName = "IDX_provider_identity_auth_identity_id"
+const authIdentityIndexStatement = createPsqlIndexStatementHelper({
+  name: authIdentityIndexName,
+  tableName: "provider_identity",
+  columns: ["auth_identity_id"],
+})
+
+@Entity()
+@providerEntityIdIndexStatement.MikroORMIndex()
+@authIdentityIndexStatement.MikroORMIndex()
+export default class ProviderIdentity {
+  @PrimaryKey({ columnType: "text" })
+  id!: string
+
+  @Property({ columnType: "text" })
+  entity_id: string
+
+  @Property({ columnType: "text" })
+  provider: string
+
+  @ManyToOne(() => AuthIdentity, {
+    columnType: "text",
+    fieldName: "auth_identity_id",
+    mapToPk: true,
+    onDelete: "cascade",
+  })
+  auth_identity_id: string
+
+  @ManyToOne(() => AuthIdentity, {
+    persist: false,
+  })
+  auth_identity: AuthIdentity
+
+  @Property({ columnType: "jsonb", nullable: true })
+  user_metadata: Record<string, unknown> | null
+
+  @Property({ columnType: "jsonb", nullable: true })
+  provider_metadata: Record<string, unknown> | null = null
+
+  @Property({
+    onCreate: () => new Date(),
+    columnType: "timestamptz",
+    defaultRaw: "now()",
+  })
+  created_at: Date
+
+  @Property({
+    onCreate: () => new Date(),
+    onUpdate: () => new Date(),
+    columnType: "timestamptz",
+    defaultRaw: "now()",
+  })
+  updated_at: Date
+
+  @BeforeCreate()
+  @OnInit()
+  onCreate() {
+    this.id = generateEntityId(this.id, "provid")
+    this.auth_identity_id ??= this.auth_identity?.id ?? null
+  }
+}
--- a/packages/modules/auth/src/services/auth-module.ts
+++ b/packages/modules/auth/src/services/auth-module.ts
@@ -10,7 +10,7 @@ import {
  ModulesSdkTypes,
 } from "@medusajs/types"

-import { AuthIdentity } from "@models"
+import { AuthIdentity, ProviderIdentity } from "@models"

 import { entityNameToLinkableKeysMap, joinerConfig } from "../joiner-config"

@@ -21,34 +21,40 @@ import {
  ModulesSdkUtils,
 } from "@medusajs/utils"
 import AuthProviderService from "./auth-provider"
+import { populate } from "dotenv"

 type InjectedDependencies = {
  baseRepository: DAL.RepositoryService
  authIdentityService: ModulesSdkTypes.InternalModuleService<any>
+  providerIdentityService: ModulesSdkTypes.InternalModuleService<any>
  authProviderService: AuthProviderService
 }

-const generateMethodForModels = [AuthIdentity]
+const generateMethodForModels = [AuthIdentity, ProviderIdentity]

 export default class AuthModuleService<
-    TAuthIdentity extends AuthIdentity = AuthIdentity
+    TAuthIdentity extends AuthIdentity = AuthIdentity,
+    TProviderIdentity extends ProviderIdentity = ProviderIdentity
  >
  extends ModulesSdkUtils.abstractModuleServiceFactory<
    InjectedDependencies,
    AuthTypes.AuthIdentityDTO,
    {
      AuthIdentity: { dto: AuthTypes.AuthIdentityDTO }
+      ProviderIdentity: { dto: AuthTypes.ProviderIdentityDTO }
    }
  >(AuthIdentity, generateMethodForModels, entityNameToLinkableKeysMap)
  implements AuthTypes.IAuthModuleService
 {
  protected baseRepository_: DAL.RepositoryService
  protected authIdentityService_: ModulesSdkTypes.InternalModuleService<TAuthIdentity>
+  protected providerIdentityService_: ModulesSdkTypes.InternalModuleService<TProviderIdentity>
  protected readonly authProviderService_: AuthProviderService

  constructor(
    {
      authIdentityService,
+      providerIdentityService,
      authProviderService,
      baseRepository,
    }: InjectedDependencies,
@@ -60,6 +66,7 @@ export default class AuthModuleService<
    this.baseRepository_ = baseRepository
    this.authIdentityService_ = authIdentityService
    this.authProviderService_ = authProviderService
+    this.providerIdentityService_ = providerIdentityService
  }

  __joinerConfig(): ModuleJoinerConfig {
@@ -132,7 +139,7 @@ export default class AuthModuleService<
      return await this.authProviderService_.authenticate(
        provider,
        authenticationData,
-        this.getAuthIdentityProviderService()
+        this.getAuthIdentityProviderService(provider)
      )
    } catch (error) {
      return { success: false, error: error.message }
@@ -147,20 +154,29 @@ export default class AuthModuleService<
      return await this.authProviderService_.validateCallback(
        provider,
        authenticationData,
-        this.getAuthIdentityProviderService()
+        this.getAuthIdentityProviderService(provider)
      )
    } catch (error) {
      return { success: false, error: error.message }
    }
  }

-  getAuthIdentityProviderService(): AuthIdentityProviderService {
+  getAuthIdentityProviderService(
+    provider: string
+  ): AuthIdentityProviderService {
    return {
-      retrieve: async ({ entity_id, provider }) => {
-        const authIdentities = await this.authIdentityService_.list({
-          entity_id,
-          provider,
-        })
+      retrieve: async ({ entity_id }) => {
+        const authIdentities = await this.authIdentityService_.list(
+          {
+            provider_identities: {
+              entity_id,
+              provider,
+            },
+          },
+          {
+            relations: ["provider_identities"],
+          }
+        )

        if (!authIdentities.length) {
          throw new MedusaError(
@@ -180,8 +196,26 @@ export default class AuthModuleService<
          authIdentities[0]
        )
      },
-      create: async (data: AuthTypes.CreateAuthIdentityDTO) => {
-        const createdAuthIdentity = await this.authIdentityService_.create(data)
+
+      create: async (data: {
+        entity_id: string
+        provider_metadata?: Record<string, unknown>
+        user_metadata?: Record<string, unknown>
+      }) => {
+        const normalizedRequest = {
+          provider_identities: [
+            {
+              entity_id: data.entity_id,
+              provider_metadata: data.provider_metadata,
+              user_metadata: data.user_metadata,
+              provider,
+            },
+          ],
+        }
+
+        const createdAuthIdentity = await this.authIdentityService_.create(
+          normalizedRequest
+        )

        return await this.baseRepository_.serialize<AuthTypes.AuthIdentityDTO>(
          createdAuthIdentity