fix(auth): OIDC provider sign-in via POST /sign-in/social (better-auth ≥ 1.7)#2621
Merged
Conversation
…h ≥ 1.7) better-auth 1.7 restructured the genericOAuth plugin: generic OAuth/OIDC providers are injected into the core social sign-in flow and the dedicated POST /sign-in/oauth2 endpoint no longer exists. `signInWithProvider` with `type: 'oidc'` therefore 404'd on every click — "Continue with ObjectStack" (platform SSO) was dead against a current framework server. Sign in through `signIn.social` first; when the social route rejects the provider AND the legacy `signIn.oauth2` client method succeeds (an older < 1.7 server), fall back to it — the coordinated framework/cloud rollout can't atomically flip every deployment. When both routes fail, surface the social-route error: on a ≥ 1.7 server it is the real failure, the legacy route only 404s. Companion changes: framework adds the better-auth 1.7 sys_oauth_* columns (objectstack-ai/framework#3080); cloud registers the new /api/v1/auth/callback/<provider> redirect_uri format alongside the legacy one. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub. |
Contributor
✅ Console Performance Budget
📦 Bundle Size Report
Size Limits
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
问题
better-auth 1.7 重构了 genericOAuth 插件:generic OAuth/OIDC provider 被注入核心 social sign-in 流,专用的
POST /sign-in/oauth2端点不复存在。signInWithProvider(type:'oidc')每次点击都 404 —— env 登录页「Continue with ObjectStack」(平台 SSO)对新 framework 服务器完全打不通(实测 cloud 本地 rig,三仓 main,2026-07-16)。实测正确路由:
POST /api/v1/auth/sign-in/social,body{provider:'objectstack-cloud', callbackURL:…}→ 200 + 授权 URL。修复
createAuthClient.signInWithProvider的type:'oidc'分支:signIn.social(≥1.7 服务器的正确路由)signIn.oauth2成功时回退(<1.7 老服务器,三仓协调滚动期间无法原子切换)测试
packages/auth:7 files / 82 tests 全过,新增/更新 5 个signInWithProvider用例:tsc --noEmit干净。三仓协调
🤖 Generated with Claude Code