Skip to content

Commit b0cd362

Browse files
kentcdoddskentcdodds
committed
Add GitHub redirect URI configuration and improve type safety
1 parent e4ddb38 commit b0cd362

File tree

3 files changed

+21
-15
lines changed

3 files changed

+21
-15
lines changed

.env.example

+1
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,7 @@ INTERNAL_COMMAND_TOKEN="some-made-up-token"
1515
GITHUB_CLIENT_ID="MOCK_GITHUB_CLIENT_ID"
1616
GITHUB_CLIENT_SECRET="MOCK_GITHUB_CLIENT_SECRET"
1717
GITHUB_TOKEN="MOCK_GITHUB_TOKEN"
18+
GITHUB_REDIRECT_URI="https://example.com/auth/github/callback"
1819

1920
# set this to false to prevent search engines from indexing the website
2021
# default to allow indexing for seo safety

app/utils/env.server.ts

+1
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,7 @@ const schema = z.object({
1515
// If you plan to use GitHub auth, remove the default:
1616
GITHUB_CLIENT_ID: z.string().default('MOCK_GITHUB_CLIENT_ID'),
1717
GITHUB_CLIENT_SECRET: z.string().default('MOCK_GITHUB_CLIENT_SECRET'),
18+
GITHUB_REDIRECT_URI: z.string().default('MOCK_GITHUB_REDIRECT_URI'),
1819
GITHUB_TOKEN: z.string().default('MOCK_GITHUB_TOKEN'),
1920
ALLOW_INDEXING: z.enum(['true', 'false']).optional(),
2021

app/utils/providers/github.server.ts

+19-15
Original file line numberDiff line numberDiff line change
@@ -24,27 +24,29 @@ const shouldMock =
2424
process.env.GITHUB_CLIENT_ID?.startsWith('MOCK_') ||
2525
process.env.NODE_ENV === 'test'
2626

27-
type GitHubEmailsResponse = {
28-
email: string
29-
verified: boolean
30-
primary: boolean
31-
visibility: string | null
32-
}[]
27+
const GitHubEmailSchema = z.object({
28+
email: z.string(),
29+
verified: z.boolean(),
30+
primary: z.boolean(),
31+
visibility: z.string().nullable(),
32+
})
3333

34-
type GitHubUserResponse = {
35-
login: string
36-
id: string
37-
name: string | undefined
38-
avatar_url: string | undefined
39-
}
34+
const GitHubEmailsResponseSchema = z.array(GitHubEmailSchema)
35+
36+
const GitHubUserResponseSchema = z.object({
37+
login: z.string(),
38+
id: z.string(),
39+
name: z.string().optional(),
40+
avatar_url: z.string().optional(),
41+
})
4042

4143
export class GitHubProvider implements AuthProvider {
4244
getAuthStrategy() {
4345
return new GitHubStrategy(
4446
{
4547
clientId: process.env.GITHUB_CLIENT_ID,
4648
clientSecret: process.env.GITHUB_CLIENT_SECRET,
47-
redirectURI: 'https://www.epicstack.dev/auth/github/callback',
49+
redirectURI: process.env.GITHUB_REDIRECT_URI,
4850
},
4951
async ({ tokens }) => {
5052
// we need to fetch the user and the emails separately, this is a change in remix-auth-github
@@ -56,7 +58,8 @@ export class GitHubProvider implements AuthProvider {
5658
'X-GitHub-Api-Version': '2022-11-28',
5759
},
5860
})
59-
const user = (await userResponse.json()) as GitHubUserResponse
61+
const rawUser = await userResponse.json()
62+
const user = GitHubUserResponseSchema.parse(rawUser)
6063

6164
const emailsResponse = await fetch(
6265
'https://api.github.com/user/emails',
@@ -68,7 +71,8 @@ export class GitHubProvider implements AuthProvider {
6871
},
6972
},
7073
)
71-
const emails = (await emailsResponse.json()) as GitHubEmailsResponse
74+
const rawEmails = await emailsResponse.json()
75+
const emails = GitHubEmailsResponseSchema.parse(rawEmails)
7276
const email = emails.find((e) => e.primary)?.email
7377
if (!email) {
7478
throw new Error('Email not found')

0 commit comments

Comments
 (0)