starred/ALwrity
1
0
Fork 0
mirror of https://github.com/AJaySi/ALwrity.git synced 2026-04-25 08:55:58 +03:00
Code Issues 82 Projects Releases 4 Packages Wiki Activity

[PR #325] [MERGED] Document OAuth auth-url endpoints and enforce redirect URI validation #292

New issue
Closed
opened 2026-03-02 23:34:59 +03:00 by kerem · 0 comments
kerem commented 2026-03-02 23:34:59 +03:00
Owner
Copy link

📋 Pull Request Information

Original PR: https://github.com/AJaySi/ALwrity/pull/325
Author: @AJaySi
Created: 2/9/2026
Status: Merged
Merged: 2/9/2026
Merged by: @AJaySi

Base: mainHead: codex/add-oauth-endpoints-and-validations

📝 Commits (1)

  • 3642101 Document OAuth auth-url endpoints and add inline notes

📊 Changes

11 files changed (+394 additions, -35 deletions)

View changed files

📝 backend/alwrity_utils/router_manager.py (+4 -0)
backend/api/oauth_routes.py (+132 -0)
📝 backend/services/gsc_service.py (+3 -2)
📝 backend/services/integrations/bing_oauth.py (+14 -3)
📝 backend/services/integrations/wix/auth.py (+11 -6)
📝 backend/services/integrations/wordpress_oauth.py (+13 -2)
backend/services/oauth_redirects.py (+88 -0)
📝 backend/services/wix_service.py (+22 -4)
docs/oauth_auth_url_endpoints.md (+72 -0)
📝 frontend/src/components/OnboardingWizard/common/usePlatformConnections.ts (+28 -14)
📝 frontend/src/components/WixCallbackPage/WixCallbackPage.tsx (+7 -4)

📄 Description

Motivation

  • Centralize OAuth URL generation so the frontend no longer hardcodes origins, client IDs, or redirect URIs.
  • Prevent prod/stage/dev mismatches by validating redirect URIs using environment-driven rules.
  • Improve maintainability by adding documentation and clarifying inline comments explaining changed flows.

Description

  • Add a canonical router GET /api/oauth/{provider}/auth-url in backend/api/oauth_routes.py that returns provider auth URLs, redirect URIs, PKCE/state metadata for Wix, and trusted origins for the frontend.
  • Introduce backend/services/oauth_redirects.py with get_redirect_uri and validate_redirect_uri helpers that enforce FRONTEND_URL origin and DEPLOY_ENV expectations and return normalized origins.
  • Update provider services (backend/services/gsc_service.py, backend/services/integrations/bing_oauth.py, backend/services/integrations/wordpress_oauth.py, backend/services/wix_service.py) to use get_redirect_uri for environment-driven redirect URI lookup and to log/fail-safe when redirect config is missing.
  • Adjust Wix integration (backend/services/integrations/wix/auth.py, backend/services/wix_service.py) to return full PKCE payloads and expose get_oauth_config, and update frontend onboarding (frontend/src/components/OnboardingWizard/common/usePlatformConnections.ts) and callback (frontend/src/components/WixCallbackPage/WixCallbackPage.tsx) to fetch backend-provided OAuth metadata, persist it robustly, and prefer backend-supplied client_id.
  • Add documentation docs/oauth_auth_url_endpoints.md describing endpoints, validation rules, required env vars, and frontend integration notes, and register the new router in RouterManager.

Testing

  • No automated tests were executed as part of this change.
  • Changes were committed and code comments and documentation were added to aid manual review and future automated test coverage.

Codex Task

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/AJaySi/ALwrity/pull/325 **Author:** [@AJaySi](https://github.com/AJaySi) **Created:** 2/9/2026 **Status:** ✅ Merged **Merged:** 2/9/2026 **Merged by:** [@AJaySi](https://github.com/AJaySi) **Base:** `main` ← **Head:** `codex/add-oauth-endpoints-and-validations` --- ### 📝 Commits (1) - [`3642101`](https://github.com/AJaySi/ALwrity/commit/36421014ac04a61a99453a974efb687d750af271) Document OAuth auth-url endpoints and add inline notes ### 📊 Changes **11 files changed** (+394 additions, -35 deletions) <details> <summary>View changed files</summary> 📝 `backend/alwrity_utils/router_manager.py` (+4 -0) ➕ `backend/api/oauth_routes.py` (+132 -0) 📝 `backend/services/gsc_service.py` (+3 -2) 📝 `backend/services/integrations/bing_oauth.py` (+14 -3) 📝 `backend/services/integrations/wix/auth.py` (+11 -6) 📝 `backend/services/integrations/wordpress_oauth.py` (+13 -2) ➕ `backend/services/oauth_redirects.py` (+88 -0) 📝 `backend/services/wix_service.py` (+22 -4) ➕ `docs/oauth_auth_url_endpoints.md` (+72 -0) 📝 `frontend/src/components/OnboardingWizard/common/usePlatformConnections.ts` (+28 -14) 📝 `frontend/src/components/WixCallbackPage/WixCallbackPage.tsx` (+7 -4) </details> ### 📄 Description ### Motivation - Centralize OAuth URL generation so the frontend no longer hardcodes origins, client IDs, or redirect URIs. - Prevent prod/stage/dev mismatches by validating redirect URIs using environment-driven rules. - Improve maintainability by adding documentation and clarifying inline comments explaining changed flows. ### Description - Add a canonical router `GET /api/oauth/{provider}/auth-url` in `backend/api/oauth_routes.py` that returns provider auth URLs, redirect URIs, PKCE/state metadata for Wix, and trusted origins for the frontend. - Introduce `backend/services/oauth_redirects.py` with `get_redirect_uri` and `validate_redirect_uri` helpers that enforce `FRONTEND_URL` origin and `DEPLOY_ENV` expectations and return normalized origins. - Update provider services (`backend/services/gsc_service.py`, `backend/services/integrations/bing_oauth.py`, `backend/services/integrations/wordpress_oauth.py`, `backend/services/wix_service.py`) to use `get_redirect_uri` for environment-driven redirect URI lookup and to log/fail-safe when redirect config is missing. - Adjust Wix integration (`backend/services/integrations/wix/auth.py`, `backend/services/wix_service.py`) to return full PKCE payloads and expose `get_oauth_config`, and update frontend onboarding (`frontend/src/components/OnboardingWizard/common/usePlatformConnections.ts`) and callback (`frontend/src/components/WixCallbackPage/WixCallbackPage.tsx`) to fetch backend-provided OAuth metadata, persist it robustly, and prefer backend-supplied `client_id`. - Add documentation `docs/oauth_auth_url_endpoints.md` describing endpoints, validation rules, required env vars, and frontend integration notes, and register the new router in `RouterManager`. ### Testing - No automated tests were executed as part of this change. - Changes were committed and code comments and documentation were added to aid manual review and future automated test coverage. ------ [Codex Task](https://chatgpt.com/codex/tasks/task_e_69898b153320832888ee6adfbb578847) --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
kerem 2026-03-02 23:34:59 +03:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
codex/task-title-3y5pbt
codex/task-title-lsrpho
codex/task-title
codex/locate-and-render-brollinfopanel-component
codex/import-scene-composition-symbols-in-broll_service
codex/refactor-preview-generation-flow
codex/standardize-chart-preview-route-usage
codex/import-b-roll-handler-and-update-router
codex/implement-podcast-research-response-updates
codex/add-cost-estimation-feature-to-podcastdashboard
codex/remove-heuristic-calculators-and-update-estimates-bhvhnh
codex/remove-heuristic-calculators-and-update-estimates
codex/implement-dedicated-podcastcostest-model
codex/add-podcast-maker-feature-documentation
codex/review-flat-file-context-system-implementation
codex/create-podcast-maker-best-practices-documentation
codex/add-podcast-maker-journey-pages-for-personas
codex/refactor-podcast-maker-documentation-structure
dependabot/npm_and_yarn/frontend/npm_and_yarn-7d3393088f
codex/log-skipped-and-loaded-items
codex/create-startup-phases-for-podcast-demo-tugrzv
codex/create-startup-phases-for-podcast-demo
codex/add-api-feature-profile-status-endpoint
codex/refactor-routermanager-to-use-registry
codex/add-new-modules-for-feature-management
codex/downgrade-api-key-warning-logging
codex/refactor-onboarding-loading-logic
codex/add-ci-lint-check-for-user_id-patterns
codex/remove-sessionlocal-import-and-add-health-check
codex/refactor-dubbed_audio_dir-to-tenant-path-resolver
codex/update-task-metadata-and-api-responses
codex/verify-podcast-analysis-and-cost-tracking
codex/assert-api-endpoints-on-startup
codex/add-env-controlled-guard-for-stripe-key
codex/remove-feature-flag-for-production-demo
codex/add-mode-aware-redirect-logic-in-pricingpage
codex/document-deployment-configuration-for-demo-mode
codex/ensure-api.subscription.router-always-included
codex/guard-onboarding-manager-and-endpoints
codex/wrap-router-inclusion-in-demo-mode-check
codex/add-podcast-only-demo-mode-toggle
dependabot/npm_and_yarn/frontend/npm_and_yarn-f5ea90b336
codex/update-reset_current_billing_period-logic
codex/update-error-handling-in-monitoring-middleware
codex/move-stripe_plan_price_mapping-to-env-driven-config
codex/refactor-billingservice-to-use-authenticated-user
codex/update-user-access-verification-for-routes
session/agent_eae6711f-e04b-4d48-8d66-43ee051feb7b
v0.5.0
v0.3
v0.2
v0.1
Labels
Clear labels   
AI Content Agents

   
AI Content Strategy

   
AI Content planning

   
AI Marketing Tools

   
AI SEO

   
AI personalization

   
AI writer

   
ALwrity Copi-lot

   
Alwrity web search

   
Anthropic

   
DeepSeek

   
Gemini AI

   
Integration

   
LLM

   
OnBoarding

   
OnBoarding

   
RAG knowledgebase Memory

   
bug

   
documentation

   
enhancement

   
good first issue

   
help wanted

   
invalid

   
openai

   
pull-request

Mirrored from GitHub Pull Request

No labels
AI Content Agents
AI Content Strategy
AI Content planning
AI Marketing Tools
AI SEO
AI personalization
AI writer
ALwrity Copi-lot
Alwrity web search
Anthropic
DeepSeek
Gemini AI
Integration
LLM
OnBoarding
OnBoarding
RAG knowledgebase Memory
bug
documentation
enhancement
good first issue
help wanted
invalid
openai
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/ALwrity#292
No description provided.