Add supabase docs, modify integration docs wording, check integration middleware

backend/src/helpers/integration.ts

@@ -72,7 +72,7 @@ interface Update {
     if (!integration) throw IntegrationNotFoundError();
 
     const integrationAuth = await IntegrationAuth
-        .findById(integrationId)
+        .findById(integration.integrationAuth)
         .select(
 			'+refreshCiphertext +refreshIV +refreshTag +accessCiphertext +accessIV +accessTag +accessExpiresAt'
         );

backend/src/helpers/integrationAuth.ts

@@ -34,19 +34,21 @@ import { validateServiceAccountClientForWorkspace } from '../helpers/serviceAcco
  */
  const validateClientForIntegrationAuth = async ({
     authData,
-    integrationId,
-    acceptedRoles
+    integrationAuthId,
+    acceptedRoles,
+    attachAccessToken
 }: {
     authData: {
 		authMode: string;
 		authPayload: IUser | IServiceAccount | IServiceTokenData;
 	};
-    integrationId: Types.ObjectId;
+    integrationAuthId: Types.ObjectId;
     acceptedRoles: Array<'admin' | 'member'>;
+    attachAccessToken?: boolean;
 }) => {
 
     const integrationAuth = await IntegrationAuth
-        .findById(integrationId)
+        .findById(integrationAuthId)
         .populate<{ workspace: IWorkspace }>('workspace')
         .select(
 			'+refreshCiphertext +refreshIV +refreshTag +accessCiphertext +accessIV +accessTag +accessExpiresAt'
@@ -54,9 +56,12 @@ import { validateServiceAccountClientForWorkspace } from '../helpers/serviceAcco
     
     if (!integrationAuth) throw IntegrationAuthNotFoundError();
     
-    const accessToken = (await IntegrationService.getIntegrationAuthAccess({
-        integrationAuthId: integrationAuth._id
-    })).accessToken;
+    let accessToken;
+    if (attachAccessToken) {
+        accessToken = (await IntegrationService.getIntegrationAuthAccess({
+            integrationAuthId: integrationAuth._id
+        })).accessToken;
+    }
     
     if (authData.authMode === AUTH_MODE_JWT && authData.authPayload instanceof User) {
         await validateUserClientForWorkspace({

backend/src/middleware/requireIntegrationAuth.ts

@@ -18,10 +18,8 @@ const requireIntegrationAuth = ({
 	acceptedRoles: Array<'admin' | 'member'>;
 }) => {
 	return async (req: Request, res: Response, next: NextFunction) => {
-		// integration authorization middleware
-
 		const { integrationId } = req.params;
-	
+
 		const { integration, accessToken } = await validateClientForIntegration({
 			authData: req.authData,
 			integrationId: new Types.ObjectId(integrationId),

backend/src/middleware/requireIntegrationAuthorizationAuth.ts

@@ -27,11 +27,12 @@ const requireIntegrationAuthorizationAuth = ({
 }) => {
 	return async (req: Request, res: Response, next: NextFunction) => {
 		const { integrationAuthId } = req[location];
-		
+
 		const { integrationAuth, accessToken } = await validateClientForIntegrationAuth({
 			authData: req.authData,
-			integrationId: new Types.ObjectId(integrationAuthId),
-			acceptedRoles
+			integrationAuthId: new Types.ObjectId(integrationAuthId),
+			acceptedRoles,
+			attachAccessToken
 		});
 		
 		if (integrationAuth) {

backend/src/middleware/requireMembershipAuth.ts

@@ -30,15 +30,15 @@ const requireMembershipAuth = ({
         res: Response, 
         next: NextFunction
     ) => {
-            const { membershipId } = req[locationMembershipId];
-            
-            req.targetMembership = await validateClientForMembership({
-                authData: req.authData,
-                membershipId: new Types.ObjectId(membershipId),
-                acceptedRoles
-            });
-            
-            return next();
+        const { membershipId } = req[locationMembershipId];
+        
+        req.targetMembership = await validateClientForMembership({
+            authData: req.authData,
+            membershipId: new Types.ObjectId(membershipId),
+            acceptedRoles
+        });
+        
+        return next();
     }
 }
 

docs/integrations/cicd/circleci.mdx

@@ -1,6 +1,6 @@
 ---
 title: "CircleCI"
-description: "How to automatically sync secrets from Infisical into your CircleCI project."
+description: "How to sync secrets from Infisical to CircleCI"
 ---
 
 Prerequisites:

docs/integrations/cicd/githubactions.mdx

@@ -1,6 +1,6 @@
 ---
 title: "GitHub Actions"
-description: "How to automatically sync secrets from Infisical into your GitHub Actions."
+description: "How to sync secrets from Infisical to GitHub Actions"
 ---
 
 <Warning>

docs/integrations/cicd/gitlab.mdx

@@ -1,6 +1,6 @@
 ---
 title: "GitLab"
-description: "How to automatically sync secrets from Infisical into GitLab."
+description: "How to sync secrets from Infisical to GitLab"
 ---
 
 Prerequisites:

docs/integrations/cicd/travisci.mdx

@@ -1,6 +1,6 @@
 ---
 title: "Travis CI"
-description: "How to automatically sync secrets from Infisical to your Travis CI repository."
+description: "How to sync secrets from Infisical to Travis CI"
 ---
 
 Prerequisites:

docs/integrations/cloud/aws-parameter-store.mdx

@@ -1,6 +1,6 @@
 ---
 title: "AWS Parameter Store"
-description: "How to automatically sync secrets from Infisical to your AWS Parameter Store."
+description: "How to sync secrets from Infisical to AWS Parameter Store"
 ---
 
 Prerequisites:

docs/integrations/cloud/aws-secret-manager.mdx

@@ -1,6 +1,6 @@
 ---
 title: "AWS Secret Manager"
-description: "How to automatically sync secrets from Infisical to your AWS Secret Manager."
+description: "How to sync secrets from Infisical to AWS Secret Manager"
 ---
 
 Prerequisites:

docs/integrations/cloud/azure-key-vault.mdx

@@ -1,6 +1,6 @@
 ---
 title: "Azure Key Vault"
-description: "How to automatically sync secrets from Infisical into your Azure Key Vault."
+description: "How to sync secrets from Infisical to Azure Key Vault"
 ---
 
 Prerequisites:

docs/integrations/cloud/flyio.mdx

@@ -1,6 +1,6 @@
 ---
 title: "Fly.io"
-description: "How to automatically sync secrets from Infisical into your Fly.io project."
+description: "How to sync secrets from Infisical to Fly.io"
 ---
 
 Prerequisites:

docs/integrations/cloud/heroku.mdx

@@ -1,6 +1,6 @@
 ---
 title: "Heroku"
-description: "How to automatically sync secrets from Infisical into your Heroku project."
+description: "How to sync secrets from Infisical to Heroku"
 ---
 
 Prerequisites:

docs/integrations/cloud/netlify.mdx

@@ -1,6 +1,6 @@
 ---
 title: "Netlify"
-description: "How to automatically sync secrets from Infisical into your Netlify project."
+description: "How to sync secrets from Infisical to Netlify"
 ---
 
 <Warning>

docs/integrations/cloud/railway.mdx

@@ -1,6 +1,6 @@
 ---
 title: "Railway"
-description: "How to automatically sync secrets from Infisical into your Railway projects and services"
+description: "How to sync secrets from Infisical to Railway"
 ---
 
 Prerequisites:

docs/integrations/cloud/render.mdx

@@ -1,6 +1,6 @@
 ---
 title: "Render"
-description: "How to automatically sync secrets from Infisical into your Render project."
+description: "How to sync secrets from Infisical to Render"
 ---
 
 Prerequisites:

docs/integrations/cloud/supabase.mdx

@@ -1,20 +1,44 @@
 ---
 title: "Supabase"
-description: "How to automatically sync secrets from Infisical into your Supabase project."
+description: "How to sync secrets from Infisical to Supabase"
 ---
 
+<Note>
+    The Supabase integration is useful if your Supabase project uses sensitive-information such as [environment variables in edge functions](https://supabase.com/docs/guides/functions/secrets).
+    
+    Synced envars can be accessed in edge functions using Deno's built-in handler: `Deno.env.get(MY_SECRET_NAME)`.
+</Note>
+
 Prerequisites:
 
+- Have an account and project set up at [Supabase](https://supabase.com/)
 - Set up and add envars to [Infisical Cloud](https://app.infisical.com)
 
-Note somewhere that envars will be accessible in edge functions etc.
-
 ## Navigate to your project's integrations tab
 
 ![integrations](../../images/integrations.png)
 
-## Enter your Supabase API
+## Enter your Supabase Access Token
 
+Obtain a Supabase Access Token in your Supabase [Account > Access Tokens](https://app.supabase.com/account/tokens).
+![integrations supabase dashboard](../../images/integrations-supabase-dashboard.png)
+![integrations supabase token](../../images/integrations-supabase-token.png)
 
+Press on the Supabase tile and input your Supabase Access Token to grant Infisical access to your Supabase account.
 
-## Start integration
+![integrations supabase authorization](../../images/integrations-supabase-authorization.png)
+
+<Info>
+  If this is your project's first cloud integration, then you'll have to grant
+  Infisical access to your project's environment variables. Although this step
+  breaks E2EE, it's necessary for Infisical to sync the environment variables to
+  the cloud platform.
+</Info>
+
+## Start integration
+
+Select which Infisical environment secrets you want to sync to which Supabase project. Lastly, press create integration to start syncing secrets to Supabase.
+
+![integrations supabase create](../../images/integrations-supabase-create.png)
+
+![integrations supabase](../../images/integrations-supabase.png)

docs/integrations/cloud/vercel.mdx

@@ -1,6 +1,6 @@
 ---
 title: "Vercel"
-description: "How to automatically sync secrets from Infisical into your Vercel project."
+description: "How to sync secrets from Infisical to Vercel"
 ---
 
 Prerequisites:

docs/integrations/overview.mdx

@@ -18,9 +18,9 @@ Missing an integration? Throw in a [request](https://github.com/Infisical/infisi
 | [Vercel](/integrations/cloud/vercel)                           | Cloud     | Available   |
 | [Netlify](/integrations/cloud/netlify)                         | Cloud     | Available   |
 | [Render](/integrations/cloud/render)                           | Cloud     | Available   |
-| [Railway](/integrations/cloud/railway)                          | Cloud     | Available   |
+| [Railway](/integrations/cloud/railway)                         | Cloud     | Available   |
 | [Fly.io](/integrations/cloud/flyio)                            | Cloud     | Available   |
-| [Supabase](/integrations/cloud/flyio)                            | Cloud     | Available   |
+| [Supabase](/integrations/cloud/supabase)                       | Cloud     | Available   |
 | [AWS Parameter Store](/integrations/cloud/aws-parameter-store) | Cloud     | Available   |
 | [AWS Secret Manager](/integrations/cloud/aws-secret-manager)   | Cloud     | Available   |
 | [Azure Key Vault](/integrations/cloud/azure-key-vault)         | Cloud     | Available   |

docs/integrations/platforms/kubernetes.mdx

@@ -1,6 +1,6 @@
 ---
 title: 'Kubernetes'
-description: "This page explains how to use Infisical to inject secrets into Kubernetes clusters."
+description: "How to use Infisical to inject secrets into Kubernetes clusters."
 ---
 
 ![title](../../images/k8-diagram.png)

docs/mint.json

@@ -151,6 +151,7 @@
         "integrations/cloud/render",
         "integrations/cloud/railway",
         "integrations/cloud/flyio",
+        "integrations/cloud/supabase",
         "integrations/cloud/azure-key-vault",
         "integrations/cicd/githubactions",
         "integrations/cicd/gitlab",

frontend/src/pages/api/integrations/DeleteIntegration.ts

@@ -19,7 +19,6 @@ const deleteIntegration = ({ integrationId }: Props) =>
     if (res && res.status === 200) {
       return (await res.json()).integration;
     }
-    console.log('Failed to delete an integration');
     return undefined;
   });