
Commit ec5e2ce

committed
fix(oauth): updated oauth providers that had unstable reference IDs leading to duplicate oauth records
1 parent 5516fa3 commit ec5e2ce


1 file changed

+19
-35
lines changed


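--- a/apps/sim/lib/auth/auth.ts
+++ b/apps/sim/lib/auth/auth.ts
@@ -110,6 +110,8 @@ export const auth = betterAuth({
 account: {
 create: {
 before: async (account) => {
+// Check if credential already exists (same user, provider, and accountId)
+// This handles re-authorization: update existing credential instead of creating duplicate
 const existing = await db.query.account.findFirst({
 where: and(
 eq(schema.account.userId, account.userId),
@@ -119,16 +121,6 @@ export const auth = betterAuth({
 })
 
 if (existing) {
-logger.warn(
-'[databaseHooks.account.create.before] Duplicate account detected, updating existing',
-{
-existingId: existing.id,
-userId: account.userId,
-providerId: account.providerId,
-accountId: account.accountId,
-}
-)
-
 await db
 .update(schema.account)
 .set({
@@ -733,17 +725,17 @@ export const auth = betterAuth({
 scopes: ['login', 'data'],
 responseType: 'code',
 redirectURI: `${getBaseUrl()}/api/auth/oauth2/callback/wealthbox`,
-getUserInfo: async (tokens) => {
+getUserInfo: async (_tokens) => {
 try {
 logger.info('Creating Wealthbox user profile from token data')
 
-const uniqueId = `wealthbox-${Date.now()}`
+const uniqueId = 'wealthbox-user'
 const now = new Date()
 
 return {
 id: uniqueId,
 name: 'Wealthbox User',
-email: `${uniqueId.replace(/[^a-zA-Z0-9]/g, '')}@wealthbox.user`,
+email: `${uniqueId}@wealthbox.user`,
 emailVerified: false,
 createdAt: now,
 updatedAt: now,
@@ -1655,33 +1647,25 @@ export const auth = betterAuth({
 redirectURI: `${getBaseUrl()}/api/auth/oauth2/callback/slack`,
 getUserInfo: async (tokens) => {
 try {
-logger.info('Creating Slack bot profile from token data')
+const rawTokens = tokens as Record<string, unknown>
+const team = rawTokens.team as { id?: string; name?: string } | undefined
+const botUserId = rawTokens.bot_user_id as string | undefined
 
-// Extract user identifier from tokens if possible
-let userId = 'slack-bot'
-if (tokens.idToken) {
-try {
-const decodedToken = JSON.parse(
-Buffer.from(tokens.idToken.split('.')[1], 'base64').toString()
-)
-if (decodedToken.sub) {
-userId = decodedToken.sub
-}
-} catch (e) {
-logger.warn('Failed to decode Slack ID token', { error: e })
-}
-}
+const teamId = team?.id || 'unknown'
+const teamName = team?.name || 'Slack Workspace'
+const userId = botUserId || 'bot'
 
-const uniqueId = `${userId}-${Date.now()}`
-const now = new Date()
+const uniqueId = `${teamId}-${userId}`
+
+logger.info('Slack credential identifier', { teamId, userId, uniqueId, teamName })
 
 return {
 id: uniqueId,
-name: 'Slack Bot',
-email: `${uniqueId.replace(/[^a-zA-Z0-9]/g, '')}@slack.bot`,
+name: teamName,
+email: `${teamId}${userId}@slack.bot`,
 emailVerified: false,
-createdAt: now,
-updatedAt: now,
+createdAt: new Date(),
+updatedAt: new Date(),
 }
 } catch (error) {
 logger.error('Error creating Slack bot profile:', { error })
@@ -1722,7 +1706,7 @@ export const auth = betterAuth({
 const data = await response.json()
 const now = new Date()
 
-const userId = data.user_id || `webflow-${Date.now()}`
+const userId = data.user_id || 'user'
 const uniqueId = `webflow-${userId}`
 
 return {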
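Review bot: The new identifiers fall back to constants shared by every user — `'wealthbox-user'` in the Wealthbox getUserInfo, `'unknown'`/`'bot'` in the Slack one and `'user'` in the Webflow one — so the accountId and synthetic email no longer distinguish one external account from another. The create hook in the first hunk scopes its lookup by userId, but any path that resolves an account by providerId and accountId alone (not visible here) would treat different users' credentials as the same record, and a second Wealthbox account connected by the same user would presumably replace the first through the update branch. For Slack and Webflow I would fail closed rather than substitute a default, e.g. `if (!team?.id || !botUserId) throw new Error('Slack token response missing team.id or bot_user_id')`, and for Wealthbox derive the id from a provider-side identifier if one is available. The removed `logger.warn` was also the only record that a stored credential was overwritten; an info-level line carrying `existingId` and `providerId` (no token material) would keep that replacement auditable. The hook and the getUserInfo bodies all start or end outside the hunks shown.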
