Skip to content

add OAuth client developer settings page with approval workflow#2

Draft
charleslpan wants to merge 82 commits into
mainfrom
devin/oauth-developer-settings-1764693294
Draft

add OAuth client developer settings page with approval workflow#2
charleslpan wants to merge 82 commits into
mainfrom
devin/oauth-developer-settings-1764693294

Conversation

@charleslpan
Copy link
Copy Markdown
Owner

@charleslpan charleslpan commented Jan 18, 2026

What does this PR do?

  • Fixes #XXXX (GitHub issue number)
  • Fixes CAL-XXXX (Linear issue number - should be visible at the bottom of the GitHub issue description)

Visual Demo (For contributors especially)

A visual demonstration is strongly recommended, for both the original and new change (video / image - any one).

Video Demo (if applicable):

  • Show screen recordings of the issue or feature.
  • Demonstrate how to reproduce the issue, the behavior before and after the change.

Image Demo (if applicable):

  • Add side-by-side screenshots of the original and updated change.
  • Highlight any significant change(s).

Mandatory Tasks (DO NOT REMOVE)

  • I have self-reviewed the code (A decent size PR without self-review might be rejected).
  • I have updated the developer docs in /docs if this PR makes changes that would require a documentation change. If N/A, write N/A here and check the checkbox.
  • I confirm automated tests are in place that prove my fix is effective or that my feature works.

How should this be tested?

  • Are there environment variables that should be set?
  • What are the minimal test data to have?
  • What is expected (happy path) to have (input and output)?
  • Any other important info that could help to test that PR

Checklist

  • I haven't read the contributing guide
  • My code doesn't follow the style guidelines of this project
  • I haven't commented my code, particularly in hard-to-understand areas
  • I haven't checked if my changes generate no new warnings

devin-ai-integration Bot and others added 30 commits December 2, 2025 17:03
@devin-ai-integration @PeerRich
feat: add OAuth client developer settings page with approval workflow
5dc87b3 
- Add new developer OAuth page at /settings/developer/oAuth for users to submit OAuth client requests
- Transform admin OAuth page into management dashboard for reviewing/approving submissions
- Add OAuthClientApprovalStatus enum (PENDING, APPROVED, REJECTED) to track submission status
- Add userId and createdAt fields to OAuthClient model for tracking submissions
- Create email notifications for admin (new submission) and user (approval)
- Add sidebar navigation link in developer section below API keys
- Add comprehensive translations for new UI strings
- Create OAuthClientRepository for data access following repository pattern

Co-Authored-By: peer@cal.com <peer@cal.com>
@devin-ai-integration @PeerRich
fix: re-export generateSecret for backward compatibility
c6c68d4 
Co-Authored-By: peer@cal.com <peer@cal.com>
@devin-ai-integration @PeerRich
feat: make logo mandatory and list items clickable for OAuth clients
a3f1bc9 
Co-Authored-By: peer@cal.com <peer@cal.com>
@devin-ai-integration @PeerRich
fix: add missing translation keys and remove client secret from detai…
b1b39a2 
…ls dialog

Co-Authored-By: peer@cal.com <peer@cal.com>
@devin-ai-integration @PeerRich
fix: address cubic AI reviewer comments
03c7d13 
- Remove duplicate 'there' JSON key in common.json
- Add select clause to findByUserId to avoid exposing clientSecret
- Add @@index([userId]) to OAuthClient model for query performance
- Update migration to include the index

Co-Authored-By: peer@cal.com <peer@cal.com>
@devin-ai-integration @eunjae-lee
fix: address PR review comments - fix indentation and use useCopy hook
582cef5 
Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
@devin-ai-integration @eunjae-lee
fix: change react-dom/server import to fix Turbopack compatibility
c3e0b70 
Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
@devin-ai-integration
Revert "fix: change react-dom/server import to fix Turbopack compatib…
c29dbb3 
…ility"

This reverts commit c3e0b70.
@devin-ai-integration @eunjae-lee
fix: use email service pattern for OAuth client notifications
c5f13a5 
Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
@devin-ai-integration @eunjae-lee
fix: add try-catch around email sending to handle Turbopack react-dom…
fc9d47c 
…/server issue

Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
@devin-ai-integration
Revert "fix: add try-catch around email sending to handle Turbopack r…
3804fe3 
…eact-dom/server issue"

This reverts commit fc9d47c.
@devin-ai-integration @eunjae-lee
fix: improve OAuth client UI with skeleton loaders and smaller dialog…
05172df 
… styling

- Replace 'Loading...' text with proper skeleton loaders in both developer and admin OAuth client views
- Make client_id and copy button smaller in dialogs using size='sm' and text-sm styling
- Add 'client_id' translation key to common.json for proper i18n

Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
@devin-ai-integration @eunjae-lee
fix: improve skeleton loader to match actual OAuth client list structure
dfd5bc2 
- Remove divide-y from container and use conditional border-b on rows
- Match the exact structure from oauth-clients-view.tsx L126-160
- Use proper spacing for text elements (mt-1 instead of space-y-2)

Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
@eunjae-lee
fix skeleton
7500de8
@eunjae-lee
rename the selected oauth client dialog
a1d86ac
@devin-ai-integration @eunjae-lee
fix: address PR feedback - admin auth, dropdown styling, sidebar label
bc6f449 
- Add defense-in-depth admin authorization check in updateClientStatus handler
- Fix broken dropdown menu by using DropdownItem with StartIcon prop
- Fix sidebar menu label from 'oAuth' to 'oauth_clients' to match developer view

Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
@eunjae-lee
update common.json
523db2f
@devin-ai-integration @eunjae-lee
feat: show client secret in approval email for confidential OAuth cli…
661ffa7 
…ents

- Add regenerateSecret method to OAuthClientRepository
- Regenerate secret when admin approves a PENDING confidential client
- Include client secret in approval notification email
- Add one-time warning message about storing the secret securely
- Only regenerate on first approval (not re-approvals)

Co-Authored-By: eunjae@cal.com <hey@eunjae.dev>
@devin-ai-integration @PeerRich
feat: add Website URL field, fix logo styling, show client secret aft…
5b0b738 
…er approval

- Add Website URL field to OAuth client forms (admin and developer views)
- Fix Upload Logo section styling by wrapping in Label div with proper gap
- Display client secret in dialog after admin approves a confidential OAuth client
- Add websiteUrl field to Prisma schema with migration
- Update tRPC handlers and repository to support websiteUrl
- Add translation keys for new UI elements

Co-Authored-By: peer@cal.com <peer@cal.com>
@devin-ai-integration @PeerRich
fix: move clientSecret variable declaration outside if block for prop…
a05ffea 
…er scoping

Co-Authored-By: peer@cal.com <peer@cal.com>
@supalarry
Merge branch 'main' into devin/oauth-developer-settings-1764693294
3fedda6
@supalarry
refactor: dont expose client secret in emails
80dc2ed
@supalarry
Merge branch 'main' into devin/oauth-developer-settings-1764693294
50daba7
@supalarry
refactor: dont regenerate secret upon status change
098ebcc
@supalarry
refactor: reuse existing hash function
c0a7c5f
@supalarry
refactor: rename admin/oAuth to admin/oauth page
c384a37
@supalarry
Merge branch 'main' into devin/oauth-developer-settings-1764693294
82274aa
@supalarry
refactor: deduplicate oauth repositories
93c2fd7
@supalarry
refactor: remove withGlobalPrisma from oauth repository
8415ef0
@supalarry
Merge branch 'main' into devin/oauth-developer-settings-1764693294
681f7a9
supalarry and others added 30 commits January 13, 2026 18:27
@supalarry
refactor: get rid of redundant mapping
32d61ba
@supalarry
refactor: remove redundant handler
d8ba093
@supalarry
refactor: remove redundant handler
14d5d92
@supalarry
refactor: re-usable new oauth client button
bc146ab
@supalarry
refactor: dialogs
e9e0018
@supalarry
refactor: modals
100e0a1
@supalarry
refactor: handler names, dialog, skeleton
44a0f67
@supalarry
fix: purpose being null
350799d
@supalarry
refactor: rename handler and delete old oauth admin page
44ce7bd
@supalarry
Merge branch 'main' into devin/oauth-developer-settings-1764693294
bb0faa8
@supalarry
fix: purpose in submission
c958f96
@supalarry
refactor: handler names
54ec8b9
@supalarry
refactor: rename
1c6f039
@supalarry
refactor: update handler
b6ebb15
@supalarry
refactor: rename approvalStatus -> status
52dc384
@supalarry
refactor: simplify modal
47723a8
@supalarry
refactor: name
df18f3c
@supalarry
dont require repproval if redirectUri changes
ec19534
@supalarry
Merge branch 'main' into devin/oauth-developer-settings-1764693294
1aa80b4
@supalarry
Merge branch 'main' into devin/oauth-developer-settings-1764693294
9457c40
@supalarry
fix: remove integration sync index creation
6cc78d4
@supalarry
refactor: require re-approval if redirectUri updated
a5c38be
@supalarry
fix: flaky e2e test
154eee1
@supalarry
fix: flaky e2e test
83eccde
@supalarry
fix: flaky e2e test
b2888f4
@supalarry
Merge branch 'main' into devin/oauth-developer-settings-1764693294
0b03d23
@supalarry
fix: remove duplicate common.json keys
ce0fb75
@supalarry
refactor: replace team@cal.com with SUPPORT_MAIL_ADDRESS
4a80d67
@supalarry
refactor: generate client secret on handler level
1e5854b
@supalarry
fix: authorization code only available to approved clients
e8b809d
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@charleslpan @eunjae-lee @supalarry