Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: adjust required claims in custom access token hook #1913

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix: adjust required claims in custom access token hook #1913

wants to merge 1 commit into from
+5 −5

Conversation

hf
Copy link
Contributor

@hf hf commented Jan 14, 2025
edited
Loading

email and phone should not be required as they are not used by Supabase Auth for anything meaningful. They also don't have to exist (but are probably set as "" today) if using just email provider, or just phone provider, or anonymous sign-ins, etc.

is_anonymous also is not required as it depends on whether it's used in RLS policies.

iss should be added but it's not as it only makes sense with asymmetric JWTs. Additional validation on this will follow.

See:

@hf hf requested a review from a team as a code owner January 14, 2025 17:34
@hf hf mentioned this pull request Jan 14, 2025
Merged
@coveralls
Copy link

Pull Request Test Coverage Report for Build 12773204803

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 65.435%
Totals Coverage Status
Change from base Build 12724630104: 0.0%
Covered Lines: 9814
Relevant Lines: 14998
💛 - Coveralls

hf
hf commented Jan 14, 2025
View reviewed changes
internal/hooks/auth_hooks.go
Comment on lines +103 to +106
Email string `json:"email,omitempty"`
Phone string `json:"phone,omitempty"`
AppMetaData map[string]interface{} `json:"app_metadata,omitempty"`
UserMetaData map[string]interface{} `json:"user_metadata,omitempty"`
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Having second thoughts about this change... it could be a breaking change

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah i don't think we should add omitempty because this would remove the field entirely from the struct if it's not present vs returning an empty json object currently

@staaldraad staaldraad mentioned this pull request Jan 20, 2025
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kangmingtay kangmingtay kangmingtay left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@hf @coveralls @kangmingtay