[WIP] Added Social, SMS and Webauthn to Magic.Link

[BurnedChris]

Still WIP.

Need to work out the final step on https://magic.link/docs/login-methods/social-logins/oauth-implementation/web

@seemcat is there anything you can add to this?

const result = await magic.oauth.getRedirectResult();

// Result has the following interface
interface OAuthRedirectResult {
  oauth: {
    provider: string;
    scope: string[];
    accessToken: string;
    userHandle: string;

    // `userInfo` contains the OpenID Connect profile information 
    // about the user. The schema of this object should match the 
    // OpenID spec, except that fields are `camelCased` instead 
    // of `snake_cased`. 
    // The presence of some fields may differ depending on the 
    // specific OAuth provider and the user's own privacy settings. 
    // See: https://openid.net/specs/openid-connect-basic-1_0.html#StandardClaims

    userInfo: ...;
  };

  magic: {
    idToken: string;
    userMetadata: MagicUserMetadata;
  };
}

[BurnedChris]

i have been testing out the integration SMS + email seems to work as expected Socials currently log you in but no scopes are currently provided.

[thedavidprice]

@burnsy do you anticipate anything breaking here for existing Magic.link users? After a quick glance at the code, I don't understand if projects will be required to make a modification based on the new signup() function.

If you don't know yet, that's fine as well.

[BurnedChris]

Right now yes there is breaking as it does not have a default type as it's not optional but it can be set to optional. And have the default type be email link.

[dthyresson]

@burnsy Per #3596 to make certain the auth templates per provider are typed, would you be able to change the magic auth template to have roles in the requireAuth check?

/**
 * Checks if the currentUser is authenticated (and assigned one of the given roles)
 *
 * @param roles: AllowedRoles - Checks if the currentUser is assigned one of these roles
 *
 * @returns {boolean} - Returns true if the currentUser is logged in and assigned one of the given roles,
 * or when no roles are provided to check against. Otherwise returns false.
 */
export const hasRole = ({ roles }: { roles: AllowedRoles }): boolean => {

Currently it is

export const requireAuth = () => {
  if (!isAuthenticated()) {
    throw new AuthenticationError("You don't have permission to do that.")
  }
  // Custom implementation of RBAC is required for magicLink
}

And we'll want to send in roles with the requireAuth directive.

Thanks.

[thedavidprice]

@burnsy checking in on status here. Is this something you'd like to include in v1.0.0-rc? If so, would need to be wrapped up by this weekend.

[thedavidprice]

@burnsy checking in here — is this something you think you'd like to work on near-term?

[BurnedChris]

I am super packed in RL right now, looking for someone to take this over and finish it up!

[thedavidprice]

looping in @shahbaz17 Would this be something you could look into adding along with updates related to #4596?

No pressure. Just determining how/if I should manage this.

[jtoar]

We've removed out of the box magic link support in v4. See #7138 and #6910.