Merge pull request 'promote: dev → uat (GRO-1509 OIDC account_not_linked fix)' (#43 ) from dev into uat

promote: dev → uat (GRO-1509 OIDC account_not_linked fix) Merged-by: The Dogfather (CTO) Gitea-approved-by: Lint Roller (GRO-1512)
Merge pull request 'fix(auth): add accountLinking trustedProviders for authentik (GRO-1509)' (#42 ) from flea-flicker/gro-1509-better-auth-account-not-linked into dev
2026-05-21 22:53:49 +00:00 · 2026-05-21 22:47:25 +00:00 · 2026-05-21 22:44:04 +00:00 · 2026-05-21 22:24:48 +00:00 · 2026-05-21 20:16:53 +00:00 · 2026-05-21 19:19:10 +00:00
2 changed files with 5 additions and 0 deletions
@@ -38,6 +38,7 @@ GroomBook API is a Hono-based REST service (TypeScript/Node.js) powering the pet
 | TC-API-1.13 | Name fallback — user.name present | Auto-provision where Better-Auth user has name set | Staff name = user.name value from user table |
 | TC-API-1.14 | Name fallback — no name, email present | Auto-provision where Better-Auth user has name = null, email = "test@example.com" | Staff name = "test" (email prefix before @) |
 | TC-API-1.15 | Name fallback — no name, no email | Auto-provision where Better-Auth user has name = null, email = null | Staff name = "Unknown" |
 | TC-API-1.16 | OIDC login — Terraform-provisioned user | Initiate OIDC login as any UAT persona (uat-super, uat-groomer, uat-customer, uat-tester), complete authentik callback | 200 OK, session created — no account_not_linked error |
 ### 4.2 Client Management
@@ -251,6 +251,10 @@ export async function initAuth(): Promise<void> {
        },
      },
      account: {
        accountLinking: {
          enabled: true,
          trustedProviders: ["authentik"],
        },
        storeStateStrategy: "cookie" as const,
      },
      emailAndPassword: {
Author	SHA1	Message	Date
The Dogfather	ff6f8471d5	Merge pull request 'promote: dev → uat (GRO-1509 OIDC account_not_linked fix)' (#43 ) from dev into uat CI / Lint & Typecheck (pull_request) Failing after 5s Details CI / Test (pull_request) Failing after 6s Details CI / Build & Push Docker Image (pull_request) Has been skipped Details promote: dev → uat (GRO-1509 OIDC account_not_linked fix) Merged-by: The Dogfather (CTO) Gitea-approved-by: Lint Roller (GRO-1512)	2026-05-21 22:53:49 +00:00
The Dogfather	2a27e8bee2	Merge pull request 'fix(auth): add accountLinking trustedProviders for authentik (GRO-1509)' (#42 ) from flea-flicker/gro-1509-better-auth-account-not-linked into dev CI / Lint & Typecheck (push) Failing after 5s Details CI / Test (push) Failing after 6s Details CI / Build & Push Docker Image (push) Has been skipped Details fix(auth): add accountLinking trustedProviders for authentik (GRO-1509) Merged-by: The Dogfather (CTO) QA-approved-by: Lint Roller (GRO-1510)	2026-05-21 22:47:25 +00:00
Flea Flicker	d6f7ade7bd	docs(UAT): add TC-API-1.16 for OIDC login Terraform-provisioned users CI / Lint & Typecheck (pull_request) Failing after 6s Details CI / Test (pull_request) Failing after 6s Details CI / Build & Push Docker Image (pull_request) Has been skipped Details Updated UAT_PLAYBOOK.md §4.1 — new TC-API-1.16 covering OIDC login for Terraform-provisioned users (GRO-1509 fix, GRO-1511). Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-21 22:44:04 +00:00
Flea Flicker	00dadac0a1	fix(auth): add accountLinking trustedProviders for authentik (GRO-1509) CI / Test (pull_request) Failing after 44s Details CI / Lint & Typecheck (pull_request) Failing after 52s Details CI / Build & Push Docker Image (pull_request) Has been skipped Details Betters Auth v1.5.6 link-account.mjs:22 rejects OAuth callbacks when the genericOAuth provider is not in trustedProviders AND email_verified is falsy. Adding authentik to trustedProviders bypasses this guard so OIDC login works for TF-created users whose emails were never verified through an authentik flow. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-21 22:24:48 +00:00
The Dogfather	9692476202	fix(GRO-1470): add portal PATCH /pets/:id + expand GET /pets response CI / Lint & Typecheck (push) Failing after 7s Details CI / Test (push) Failing after 7s Details CI / Build & Push Docker Image (push) Has been skipped Details	2026-05-21 20:16:53 +00:00
The Dogfather	6045024150	Merge pull request 'Promote dev → uat: GRO-1178 enhanced pet profile editor' (#39 ) from dev into uat Promote dev → uat: GRO-1178 enhanced pet profile editor	2026-05-21 19:19:10 +00:00
The Dogfather	df5e413930	Merge pull request 'chore: promote dev → uat (GRO-1463 UAT playbook expansion)' (#38 ) from dev into uat chore: promote dev → uat (GRO-1463 UAT playbook expansion)	2026-05-21 16:49:18 +00:00
The Dogfather	7cb5fda3e3	Merge pull request 'promote: dev → uat (GRO-1272 auto-provision staff on OIDC login)' (#36 ) from dev into uat promote: dev → uat (GRO-1272 auto-provision staff on OIDC login) (#36) Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-21 14:17:40 +00:00
The Dogfather	76540cea0d	Merge pull request 'chore(promote): dev → uat (Buffer Rules CRUD — GRO-1171)' (#34 ) from dev into uat chore(promote): dev → uat (Buffer Rules CRUD — GRO-1171) Promote PR #12 merge to UAT for regression testing.	2026-05-21 10:18:10 +00:00
Lint Roller	d83210e7e2	Merge pull request 'chore(promote): dev → uat (petsExtendedFields test fix GRO-1390)' (#33 ) from dev into uat	2026-05-21 07:03:24 +00:00
The Dogfather	5c9cac7a28	Merge pull request 'promote: dev → uat (GRO-1395 drizzle-orm root dep fix)' (#31 ) from dev into uat promote: dev → uat (GRO-1395 drizzle-orm root dep fix) (#31)	2026-05-21 04:11:29 +00:00
The Dogfather	fad99dc032	Merge pull request 'promote: dev → uat (Renovate config, GRO-1081)' (#26 ) from dev into uat promote: dev → uat (Renovate config, GRO-1081) (#26)	2026-05-20 12:37:23 +00:00
The Dogfather	247570abc8	Merge pull request 'Promote dev → uat: GRO-1326 UAT email+password credentials' (#25 ) from dev into uat Promote dev → uat: GRO-1326 UAT email+password credentials (#25) Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-20 04:25:29 +00:00
the-dogfather-cto[bot]	4f5ec60961	chore: promote dev to uat — Dockerfile pnpm-workspace fix (GRO-1231) chore: promote dev to uat (GRO-1231 pnpm-workspace fix)	2026-05-14 17:15:52 +00:00
the-dogfather-cto[bot]	39ffdccac7	promote: dev → uat (rate limit override) (#13 ) promote: dev → uat (rate limit override)	2026-05-14 10:55:45 +00:00
the-dogfather-cto[bot]	1ff0d4230c	promote: dev → uat (UAT Tester seed fix + TypeScript CI compliance) promote: dev → uat (UAT Tester seed fix + TypeScript CI compliance)	2026-05-14 08:07:54 +00:00
the-dogfather-cto[bot]	be5e9d8fc7	chore: promote dev to uat (PR #5 mock path fix) chore: promote dev to uat (PR #5 mock path fix)	2026-05-12 21:34:03 +00:00