Skip to content

Auth0 support#879

Closed
daniel-sali wants to merge 5 commits into
tale-project:mainfrom
nuvolos-cloud:auth0-support
Closed

Auth0 support#879
daniel-sali wants to merge 5 commits into
tale-project:mainfrom
nuvolos-cloud:auth0-support

Conversation

@daniel-sali

@daniel-sali daniel-sali commented Mar 26, 2026
edited by coderabbitai Bot
Loading

Copy link
Copy Markdown

Summary by CodeRabbit

  • New Features

    • Added Auth0 OAuth authentication support with automatic user provisioning.
    • Enabled cross-origin iframe embedding via updated security headers.

  • Configuration

    • Updated session cookie settings to support iframe scenarios.
    • Modified frame embedding policy from X-Frame-Options to Content-Security-Policy.

@daniel-sali
feat(auth): add Auth0 configuration and integrate genericOAuth plugin
09a90b5
@daniel-sali
feat(auth): implement auto-provisioning for Auth0 users and add tests
5e9515e
@daniel-sali
feat(proxy): update Caddyfile for enhanced security and modify entryp…
f306515 
…oint script for TLS handling
@daniel-sali
fix: make auth0 plugin conditional + sync AUTH0 env vars to Convex
0049dea 
1. auth.ts: Only register genericOAuth(auth0(...)) plugin when
   AUTH0_DOMAIN is set, preventing 'Cannot read properties of
   undefined (reading replace)' crash during module analysis.

2. docker-entrypoint.sh: Add AUTH0_DOMAIN, AUTH0_CLIENT_ID,
   AUTH0_CLIENT_SECRET to ENV_VARS_TO_SYNC so they reach the
   Convex function runtime via 'convex env set'.
greptile-apps[bot]
greptile-apps Bot reviewed Mar 26, 2026
View reviewed changes

@greptile-apps greptile-apps Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Your free trial has ended. If you'd like to continue receiving code reviews, you can add a payment method here.

@coderabbitai

coderabbitai Bot commented Mar 26, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: dda8fc55-8a98-4aa1-bb7e-720e66fc074d

📥 Commits

Reviewing files that changed from the base of the PR and between 3f709d6 and 88d2eb8.

📒 Files selected for processing (10)
  • .env.example
  • compose.yml
  • services/platform/convex/auth.test.ts
  • services/platform/convex/auth.ts
  • services/platform/convex/betterAuth/__tests__/provision_auth0_user.test.ts
  • services/platform/convex/betterAuth/provision_auth0_user.ts
  • services/platform/docker-entrypoint.sh
  • services/platform/lib/auth-client.ts
  • services/proxy/Caddyfile
  • services/proxy/docker-entrypoint.sh
📝 Walkthrough

Walkthrough

This pull request implements Auth0 OAuth integration across the platform and proxy services. The changes include adding Auth0 configuration environment variables to .env.example, updating the Better Auth setup in services/platform/convex/auth.ts to conditionally load the genericOAuth plugin with Auth0 credentials, and introducing a new provisionAuth0User module that creates organization memberships for Auth0-authenticated users. Supporting infrastructure changes include updating Docker Compose configuration with quote standardization and an additional proxy port, extending the Convex deployment script to synchronize Auth0 environment variables, adding client-side genericOAuthClient plugin support, and modifying the proxy's security headers from X-Frame-Options to Content-Security-Policy with frame-ancestors. The proxy docker entrypoint script was also refactored to simplify TLS mode handling.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~50 minutes

Possibly related PRs

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer
@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments
Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@daniel-sali