groombook/app
Archived
13
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(GRO-391): remove clientSecret from test schema; use internalBaseUrl

Browse Source 
Test connection was always 400 because testAuthProviderSchema required
clientSecret, but OIDC discovery only needs issuer/internal URLs.
Aligned admin test endpoint with setup.ts behavior:
- Drop providerId, clientId, clientSecret from schema
- Add optional internalBaseUrl; use it for discovery URL when set
- Frontend now sends issuerUrl + internalBaseUrl (when populated)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
groombook-engineer[bot]
2026-04-03 07:43:44 +00:00
parent 13e3084333
commit 624bb14ccb
2 changed files with 6 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
apps/api/src/routes/admin/authProvider.ts
+5 -5
View File
@@ -124,10 +124,8 @@ authProviderRouter.put(
// ─── POST /api/admin/auth-provider/test ─────────────────────────────────────
const testAuthProviderSchema = z.object({
providerId: z.string().min(1).max(100),
issuerUrl: z.string().url(),
clientId: z.string().min(1),
clientSecret: z.string().min(1),
internalBaseUrl: z.string().url().nullable().optional(),
});
authProviderRouter.post(
@@ -135,10 +133,12 @@ authProviderRouter.post(
requireSuperUser(),
zValidator("json", testAuthProviderSchema),
async (c) => {
const { issuerUrl } = c.req.valid("json");
const { issuerUrl, internalBaseUrl } = c.req.valid("json");
// Fetch OIDC discovery document
const discoveryUrl = `${issuerUrl.replace(/\/$/, "")}/.well-known/openid-configuration`;
const discoveryUrl = internalBaseUrl
? `${internalBaseUrl.replace(/\/$/, "")}/application/o/.well-known/openid-configuration`
: `${issuerUrl.replace(/\/$/, "")}/.well-known/openid-configuration`;
let metadata: Record<string, unknown> | null = null;
let errorMessage: string | null = null;
apps/web/src/pages/Settings.tsx
+1 -2
View File
@@ -235,9 +235,8 @@ export function SettingsPage() {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({
providerId: authForm.providerId,
issuerUrl: authForm.issuerUrl,
clientId: authForm.clientId,
...(authForm.internalBaseUrl ? { internalBaseUrl: authForm.internalBaseUrl } : {}),
}),
});
const data = await res.json();