* feat(auth): add OAuth 2.1 provider for MCP connector support * fix(auth): rename redirect_u_r_ls column to redirect_urls * chore(db): regenerate oauth migration with correct column naming * fix(auth): reorder CORS headers and handle missing redirectURI * fix(auth): redirect to login without stale callbackUrl on account switch * chore: run lint * fix(auth): override credentials header on OAuth CORS entries * fix(auth): preserve OAuth flow when switching accounts on consent page * fix(auth): add session and user-id checks to authorize-params endpoint * fix(auth): add expiry check, credentials, MCP CORS, and scope in WWW-Authenticate * feat(mcp): add tool annotations for Connectors Directory compliance
-- Key-pair table (the name suggests a JSON Web Key Set): one row per key,
-- identified by an opaque text id.
-- NOTE(review): "private_key" is a plain TEXT column, so the schema cannot
-- show whether the key material is encrypted before it is written. Confirm
-- that the application wraps it at rest and that read access to this table
-- is limited to the role that signs tokens.
-- NOTE(review): no expiry or revocation column is declared; rotation
-- presumably keys off "created_at" or row deletion -- confirm.
CREATE TABLE "jwks" (
    "id"          TEXT      NOT NULL PRIMARY KEY,
    "public_key"  TEXT      NOT NULL,
    "private_key" TEXT      NOT NULL,
    "created_at"  TIMESTAMP NOT NULL
);
--> statement-breakpoint
-- One row per issued access/refresh token pair. "client_id" is mandatory;
-- "user_id" is nullable, so the schema permits tokens with no user attached.
-- NOTE(review): both token columns are TEXT under UNIQUE constraints, and the
-- schema cannot show whether they hold the bearer value itself or a digest of
-- it. If the raw value is stored, any read of this table yields usable
-- credentials; confirm what the application writes and restrict SELECT on
-- this table accordingly.
-- NOTE(review): the expiry columns are TIMESTAMP without time zone, so the
-- expiry check is only correct if every writer and reader uses the same zone
-- (presumably UTC -- confirm).
-- "scopes" is a single TEXT value; presumably a delimited list -- confirm the
-- separator with the code that parses it.
CREATE TABLE "oauth_access_token" (
    "id"                       TEXT      NOT NULL PRIMARY KEY,
    "access_token"             TEXT      NOT NULL,
    "refresh_token"            TEXT      NOT NULL,
    "access_token_expires_at"  TIMESTAMP NOT NULL,
    "refresh_token_expires_at" TIMESTAMP NOT NULL,
    "client_id"                TEXT      NOT NULL,
    "user_id"                  TEXT,
    "scopes"                   TEXT      NOT NULL,
    "created_at"               TIMESTAMP NOT NULL,
    "updated_at"               TIMESTAMP NOT NULL,
    CONSTRAINT "oauth_access_token_access_token_unique"
        UNIQUE ("access_token"),
    CONSTRAINT "oauth_access_token_refresh_token_unique"
        UNIQUE ("refresh_token")
);
--> statement-breakpoint
-- Registered OAuth client. "client_id" is the public identifier and is
-- UNIQUE, which is what lets other tables reference it as a foreign key.
-- NOTE(review): "client_secret" is nullable TEXT. Rows without a secret are
-- presumably public clients -- confirm. The schema cannot show whether a
-- stored secret is hashed; verify before granting read access to this table.
-- NOTE(review): "redirect_urls" is one TEXT value, presumably a delimited
-- list. The authorization endpoint should match the requested redirect URI
-- against the parsed entries exactly, not by prefix or substring.
-- NOTE(review): "disabled" defaults to FALSE but is not NOT NULL, so an
-- explicit NULL can be stored. Code that enforces the flag should decide how
-- NULL is treated rather than rely on a bare boolean test.
CREATE TABLE "oauth_application" (
    "id"            TEXT      NOT NULL PRIMARY KEY,
    "name"          TEXT      NOT NULL,
    "icon"          TEXT,
    "metadata"      TEXT,
    "client_id"     TEXT      NOT NULL,
    "client_secret" TEXT,
    "redirect_urls" TEXT      NOT NULL,
    "type"          TEXT      NOT NULL,
    "disabled"      BOOLEAN   DEFAULT FALSE,
    "user_id"       TEXT,
    "created_at"    TIMESTAMP NOT NULL,
    "updated_at"    TIMESTAMP NOT NULL,
    CONSTRAINT "oauth_application_client_id_unique"
        UNIQUE ("client_id")
);
--> statement-breakpoint
-- Records a user's consent decision for a client and a set of scopes.
-- NOTE(review): no UNIQUE constraint on ("user_id", "client_id") is declared
-- here, so several consent rows can exist for the same pair. The code that
-- decides whether to skip the consent screen should state which row wins
-- (e.g. the latest "updated_at") and should compare the requested scopes
-- against "scopes" instead of treating any row with "consent_given" = TRUE
-- as blanket approval.
-- "scopes" is a single TEXT value; presumably a delimited list -- confirm.
CREATE TABLE "oauth_consent" (
    "id"            TEXT      NOT NULL PRIMARY KEY,
    "client_id"     TEXT      NOT NULL,
    "user_id"       TEXT      NOT NULL,
    "scopes"        TEXT      NOT NULL,
    "created_at"    TIMESTAMP NOT NULL,
    "updated_at"    TIMESTAMP NOT NULL,
    "consent_given" BOOLEAN   NOT NULL
);
--> statement-breakpoint
-- Foreign keys for the OAuth tables. Every one is ON DELETE CASCADE, so
-- deleting a user or an application row also deletes the tokens and consents
-- that point at it; no token row can outlive its user or client.
-- The client_id keys reference "oauth_application"("client_id"), not its
-- primary key; that works because the column carries a UNIQUE constraint.
-- ON UPDATE NO ACTION means a referenced "client_id" or user "id" cannot be
-- changed while dependent rows exist.
ALTER TABLE "oauth_access_token"
    ADD CONSTRAINT "oauth_access_token_client_id_oauth_application_client_id_fk"
    FOREIGN KEY ("client_id")
    REFERENCES "public"."oauth_application" ("client_id")
    ON DELETE CASCADE
    ON UPDATE NO ACTION;--> statement-breakpoint
ALTER TABLE "oauth_access_token"
    ADD CONSTRAINT "oauth_access_token_user_id_user_id_fk"
    FOREIGN KEY ("user_id")
    REFERENCES "public"."user" ("id")
    ON DELETE CASCADE
    ON UPDATE NO ACTION;--> statement-breakpoint
ALTER TABLE "oauth_application"
    ADD CONSTRAINT "oauth_application_user_id_user_id_fk"
    FOREIGN KEY ("user_id")
    REFERENCES "public"."user" ("id")
    ON DELETE CASCADE
    ON UPDATE NO ACTION;--> statement-breakpoint
ALTER TABLE "oauth_consent"
    ADD CONSTRAINT "oauth_consent_client_id_oauth_application_client_id_fk"
    FOREIGN KEY ("client_id")
    REFERENCES "public"."oauth_application" ("client_id")
    ON DELETE CASCADE
    ON UPDATE NO ACTION;--> statement-breakpoint
ALTER TABLE "oauth_consent"
    ADD CONSTRAINT "oauth_consent_user_id_user_id_fk"
    FOREIGN KEY ("user_id")
    REFERENCES "public"."user" ("id")
    ON DELETE CASCADE
    ON UPDATE NO ACTION;--> statement-breakpoint
-- Lookup indexes for the OAuth tables.
-- NOTE(review): "access_token", "refresh_token" and "client_id" already carry
-- UNIQUE constraints in their CREATE TABLE statements, and PostgreSQL backs
-- each UNIQUE constraint with its own unique btree index. The first three
-- indexes below therefore duplicate existing ones and only add write cost.
-- They are kept because the migration appears to be generated from the ORM
-- schema; drop them there rather than by hand-editing this file.
-- The last index is non-unique: it speeds up consent lookups by
-- (user_id, client_id) but does not prevent duplicate consent rows.
CREATE INDEX "oauth_access_token_access_token_idx"
    ON "oauth_access_token"
    USING btree ("access_token");--> statement-breakpoint
CREATE INDEX "oauth_access_token_refresh_token_idx"
    ON "oauth_access_token"
    USING btree ("refresh_token");--> statement-breakpoint
CREATE INDEX "oauth_application_client_id_idx"
    ON "oauth_application"
    USING btree ("client_id");--> statement-breakpoint
CREATE INDEX "oauth_consent_user_client_idx"
    ON "oauth_consent"
    USING btree ("user_id", "client_id");