fix: Complete OAuth DPoP implementation with working stores

Fixed multiple issues with the @atproto/oauth-client-node integration: 1. OAuth State Store: - Changed from SQL WHERE queries to SurrealDB record IDs - Use `oauth_state:⟨${key}⟩` pattern for direct lookups - Fixes "Parse error: Unexpected token" issues 2. OAuth Session Store: - Changed from SQL WHERE queries to SurrealDB record IDs - Use `oauth_session:⟨${did}⟩` pattern for direct lookups - Implement proper upsert logic with select + merge/create 3. OAuth Client Configuration: - Use loopback pattern with metadata in client_id query params - Format: `http://localhost/?redirect_uri=...&scope=atproto` - Complies with ATproto OAuth localhost development mode 4. Auth Callback: - Remove getProfile API call that requires additional scopes - Use DID directly from session for user identification - Simplify user creation in SurrealDB with record IDs 5. Login Page: - Change from GET redirect to POST with JSON body - Properly handle errors and display to user The OAuth flow now works end-to-end: - User enters handle → redirects to Bluesky OAuth - User authorizes → callback exchanges code for tokens - Session stored in SurrealDB → user redirected to /chat 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-09 01:53:12 +00:00
parent d7f3bcd338
commit 0ec5adb246
5 changed files with 102 additions and 59 deletions
--- a/lib/auth/oauth-state-store.ts
+++ b/lib/auth/oauth-state-store.ts
@@ -41,10 +41,13 @@ export function createStateStore(): NodeSavedStateStore {
      const db = await getDB();

      try {
-        await db.query(
-          'CREATE oauth_state SET key = $key, value = $value',
-          { key, value }
-        );
+        // Use the key as the record ID for direct lookup
+        // Escape special characters in the key for SurrealDB record ID
+        await db.create(`oauth_state:⟨${key}⟩`, {
+          key,
+          value,
+          created_at: new Date().toISOString(),
+        });
      } finally {
        await db.close();
      }
@@ -54,12 +57,12 @@ export function createStateStore(): NodeSavedStateStore {
      const db = await getDB();

      try {
-        const [result] = await db.query<[{ value: NodeSavedState }[]]>(
-          'SELECT value FROM oauth_state WHERE key = $key',
-          { key }
-        );
+        // Select directly by record ID
+        const result = await db.select<{ value: NodeSavedState }>(`oauth_state:⟨${key}⟩`);

-        return result?.[0]?.value;
+        // db.select() returns an array when selecting a specific record ID
+        const record = Array.isArray(result) ? result[0] : result;
+        return record?.value;
      } finally {
        await db.close();
      }
@@ -69,10 +72,8 @@ export function createStateStore(): NodeSavedStateStore {
      const db = await getDB();

      try {
-        await db.query(
-          'DELETE oauth_state WHERE key = $key',
-          { key }
-        );
+        // Delete directly by record ID
+        await db.delete(`oauth_state:⟨${key}⟩`);
      } finally {
        await db.close();
      }