Add OAuth2 example apps (#854)

* feat: Add st-oauth2-authorization-server example

* feat: Add with-oauth2-without-supertokens

* feat: Add with-oauth2-with-supertokens example

* feat: keep the tenantId queryparam during redirections

* feat: update to match node changes

* test: stability fixes

* test: update dep version and fix tests

* fix: ignore appname in the oauth flow if it is empty

* fix: fix typo

* feat: handle not initialized OAuth2Provider recipe more gracefully

* feat: ignore loginChallenge queryparam on auth page if we couldn't load it

* feat: show an error if the getLoginChallengeInfo errors out

* feat: update prebuiltui types and add test into with-typescript

* test: add more debugging options for ci

* fix: shouldTryLinkingWithSessionUser

* chore: update versions

* ci: do not forward browser logs into the console on CI

* test: improve request logging in tests

* test: update test expectations to match new node logic

* chore: update web-js dep version in lock

---------

Co-authored-by: Mihaly Lengyel <[email protected]>

examples/for-tests/src/App.js

@@ -443,6 +443,7 @@ if (testContext.enableMFA) {
 SuperTokens.init({
     usesDynamicLoginMethods: testContext.usesDynamicLoginMethods,
     clientType: testContext.clientType,
+    enableDebugLogs: true,
     appInfo: {
         appName: "SuperTokens",
         websiteDomain: getWebsiteDomain(),

examples/st-oauth2-authorization-server/README.md

@@ -0,0 +1,43 @@
+![SuperTokens banner](https://raw.githubusercontent.com/supertokens/supertokens-logo/master/images/Artboard%20%E2%80%93%2027%402x.png)
+
+# SuperTokens OAuth2 Authorization Server
+
+This example app uses SuperTokens `OAuth2Provider` recipe to expose OAuth2 APIs. This app acts as an OAuth2 authorization server for other OAuth2 examples in this repo.
+
+## Project setup
+
+Clone the repo, enter the directory, and use `npm` to install the project dependencies:
+
+```bash
+git clone https://github.com/supertokens/supertokens-auth-react
+cd supertokens-auth-react/examples/st-oauth2-authorization-server
+npm install
+```
+
+## Set Up Frontend and Backend URLs
+
+When running locally, we recommend using a different domain than `localhost` for the authorization server to prevent cookie sharing with other client apps running on `localhost`.
+
+By default, the frontend runs at `http://localhost.com:3005` and the backend at `http://localhost.com:3006`. You can customize these by setting the `REACT_APP_AUTH_SERVER_WEBSITE_URL` and `REACT_APP_AUTH_SERVER_API_URL` environment variables.
+
+After configuring the URLs, add the domain to `/etc/hosts`. For example, if your domain is `localhost.com`, add:
+
+```bash
+127.0.0.1   localhost.com
+```
+
+## Run the demo app
+
+This compiles and serves the React app and starts the backend API server.
+
+```bash
+npm run start
+```
+
+## Author
+
+Created with :heart: by the folks at supertokens.com.
+
+## License
+
+This project is licensed under the Apache 2.0 license.

examples/st-oauth2-authorization-server/backend/config.ts

@@ -0,0 +1,27 @@
+import EmailPassword from "supertokens-node/recipe/emailpassword";
+import OAuth2Provider from "supertokens-node/recipe/oauth2provider";
+import Session from "supertokens-node/recipe/session";
+import { TypeInput } from "supertokens-node/types";
+
+export function getWebsiteDomain() {
+    return process.env.REACT_APP_AUTH_SERVER_WEBSITE_URL || "http://localhost.com:3005";
+}
+
+export function getApiDomain() {
+    return process.env.REACT_APP_AUTH_SERVER_API_URL || "http://localhost.com:3006";
+}
+
+export const SuperTokensConfig: TypeInput = {
+    supertokens: {
+        // this is the location of the SuperTokens core.
+        connectionURI: "https://try.supertokens.com",
+    },
+    appInfo: {
+        appName: "SuperTokens Demo App",
+        apiDomain: getApiDomain(),
+        websiteDomain: getWebsiteDomain(),
+    },
+    // recipeList contains all the modules that you want to
+    // use from SuperTokens. See the full list here: https://supertokens.com/docs/guides
+    recipeList: [EmailPassword.init(), OAuth2Provider.init(), Session.init()],
+};

examples/st-oauth2-authorization-server/backend/index.ts

@@ -0,0 +1,49 @@
+import express from "express";
+import cors from "cors";
+import supertokens from "supertokens-node";
+import { verifySession } from "supertokens-node/recipe/session/framework/express";
+import { middleware, errorHandler, SessionRequest } from "supertokens-node/framework/express";
+import { getApiDomain, getWebsiteDomain, SuperTokensConfig } from "./config";
+import Multitenancy from "supertokens-node/recipe/multitenancy";
+
+supertokens.init(SuperTokensConfig);
+
+const app = express();
+
+app.use(
+    cors({
+        origin: [getWebsiteDomain(), "http://localhost:3000"],
+        // origin: [getWebsiteDomain()],
+        allowedHeaders: ["content-type", ...supertokens.getAllCORSHeaders()],
+        methods: ["GET", "PUT", "POST", "DELETE"],
+        credentials: true,
+    })
+);
+
+// This exposes all the APIs from SuperTokens to the client.
+app.use(middleware());
+
+// An example API that requires session verification
+app.get("/sessioninfo", verifySession(), async (req: SessionRequest, res) => {
+    let session = req.session;
+    res.send({
+        sessionHandle: session!.getHandle(),
+        userId: session!.getUserId(),
+        accessTokenPayload: session!.getAccessTokenPayload(),
+    });
+});
+
+// This API is used by the frontend to create the tenants drop down when the app loads.
+// Depending on your UX, you can remove this API.
+app.get("/tenants", async (req, res) => {
+    let tenants = await Multitenancy.listAllTenants();
+    res.send(tenants);
+});
+
+// In case of session related errors, this error handler
+// returns 401 to the client.
+app.use(errorHandler());
+
+const PORT = process.env.PORT || 3006;
+
+app.listen(PORT, () => console.log(`API Server listening on ${getApiDomain()}`));

examples/st-oauth2-authorization-server/backend/package.json

@@ -0,0 +1,15 @@
+{
+    "name": "supertokens-node",
+    "version": "0.0.1",
+    "private": true,
+    "description": "",
+    "main": "index.js",
+    "scripts": {
+        "start": "PORT=3006 npx ts-node-dev --project ./tsconfig.json ./index.ts"
+    },
+    "dependencies": {},
+    "devDependencies": {},
+    "keywords": [],
+    "author": "",
+    "license": "ISC"
+}

examples/st-oauth2-authorization-server/backend/tsconfig.json

@@ -0,0 +1,62 @@
+{
+    "compilerOptions": {
+        /* Visit https://aka.ms/tsconfig.json to read more about this file */
+        /* Basic Options */
+        // "incremental": true,                   /* Enable incremental compilation */
+        "target": "es5" /* Specify ECMAScript target version: 'ES3' (default), 'ES5', 'ES2015', 'ES2016', 'ES2017', 'ES2018', 'ES2019', 'ES2020', or 'ESNEXT'. */,
+        "module": "commonjs" /* Specify module code generation: 'none', 'commonjs', 'amd', 'system', 'umd', 'es2015', 'es2020', or 'ESNext'. */,
+        // "lib": [],                             /* Specify library files to be included in the compilation. */
+        // "allowJs": true,                       /* Allow javascript files to be compiled. */
+        // "checkJs": true,                       /* Report errors in .js files. */
+        // "jsx": "preserve",                     /* Specify JSX code generation: 'preserve', 'react-native', or 'react'. */
+        // "declaration": true,                   /* Generates corresponding '.d.ts' file. */
+        // "declarationMap": true,                /* Generates a sourcemap for each corresponding '.d.ts' file. */
+        // "sourceMap": true,                     /* Generates corresponding '.map' file. */
+        // "outFile": "./",                       /* Concatenate and emit output to single file. */
+        // "outDir": "./",                        /* Redirect output structure to the directory. */
+        // "rootDir": "./",                       /* Specify the root directory of input files. Use to control the output directory structure with --outDir. */
+        // "composite": true,                     /* Enable project compilation */
+        // "tsBuildInfoFile": "./",               /* Specify file to store incremental compilation information */
+        // "removeComments": true,                /* Do not emit comments to output. */
+        // "noEmit": true,                        /* Do not emit outputs. */
+        // "importHelpers": true,                 /* Import emit helpers from 'tslib'. */
+        // "downlevelIteration": true,            /* Provide full support for iterables in 'for-of', spread, and destructuring when targeting 'ES5' or 'ES3'. */
+        // "isolatedModules": true,               /* Transpile each file as a separate module (similar to 'ts.transpileModule'). */
+        /* Strict Type-Checking Options */
+        "strict": true /* Enable all strict type-checking options. */,
+        // "noImplicitAny": true,                 /* Raise error on expressions and declarations with an implied 'any' type. */
+        // "strictNullChecks": true,              /* Enable strict null checks. */
+        // "strictFunctionTypes": true,           /* Enable strict checking of function types. */
+        // "strictBindCallApply": true,           /* Enable strict 'bind', 'call', and 'apply' methods on functions. */
+        // "strictPropertyInitialization": true,  /* Enable strict checking of property initialization in classes. */
+        // "noImplicitThis": true,                /* Raise error on 'this' expressions with an implied 'any' type. */
+        // "alwaysStrict": true,                  /* Parse in strict mode and emit "use strict" for each source file. */
+        /* Additional Checks */
+        // "noUnusedLocals": true,                /* Report errors on unused locals. */
+        // "noUnusedParameters": true,            /* Report errors on unused parameters. */
+        // "noImplicitReturns": true,             /* Report error when not all code paths in function return a value. */
+        // "noFallthroughCasesInSwitch": true,    /* Report errors for fallthrough cases in switch statement. */
+        /* Module Resolution Options */
+        // "moduleResolution": "node",            /* Specify module resolution strategy: 'node' (Node.js) or 'classic' (TypeScript pre-1.6). */
+        // "baseUrl": "./",                       /* Base directory to resolve non-absolute module names. */
+        // "paths": {},                           /* A series of entries which re-map imports to lookup locations relative to the 'baseUrl'. */
+        // "rootDirs": [],                        /* List of root folders whose combined content represents the structure of the project at runtime. */
+        // "typeRoots": [],                       /* List of folders to include type definitions from. */
+        // "types": [],                           /* Type declaration files to be included in compilation. */
+        // "allowSyntheticDefaultImports": true,  /* Allow default imports from modules with no default export. This does not affect code emit, just typechecking. */
+        "esModuleInterop": true /* Enables emit interoperability between CommonJS and ES Modules via creation of namespace objects for all imports. Implies 'allowSyntheticDefaultImports'. */,
+        // "preserveSymlinks": true,              /* Do not resolve the real path of symlinks. */
+        // "allowUmdGlobalAccess": true,          /* Allow accessing UMD globals from modules. */
+        /* Source Map Options */
+        // "sourceRoot": "",                      /* Specify the location where debugger should locate TypeScript files instead of source locations. */
+        // "mapRoot": "",                         /* Specify the location where debugger should locate map files instead of generated locations. */
+        // "inlineSourceMap": true,               /* Emit a single file with source maps instead of having a separate file. */
+        // "inlineSources": true,                 /* Emit the source alongside the sourcemaps within a single file; requires '--inlineSourceMap' or '--sourceMap' to be set. */
+        /* Experimental Options */
+        // "experimentalDecorators": true,        /* Enables experimental support for ES7 decorators. */
+        // "emitDecoratorMetadata": true,         /* Enables experimental support for emitting type metadata for decorators. */
+        /* Advanced Options */
+        "skipLibCheck": true /* Skip type checking of declaration files. */,
+        "forceConsistentCasingInFileNames": true /* Disallow inconsistently-cased references to the same file. */
+    }
+}

examples/st-oauth2-authorization-server/frontend/.env

@@ -0,0 +1 @@
+SKIP_PREFLIGHT_CHECK=true

examples/st-oauth2-authorization-server/frontend/.gitignore

@@ -0,0 +1,23 @@
+# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
+
+# dependencies
+/node_modules
+/.pnp
+.pnp.js
+
+# testing
+/coverage
+
+# production
+/build
+
+# misc
+.DS_Store
+.env.local
+.env.development.local
+.env.test.local
+.env.production.local
+
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*