[RELEASE]: OAuth2 provider

[rishabhpoddar]

📅 Checklist

🔶 Staging

Dev Tag

• Clarify about aud claim in access token and id token.
• supertokens-core:X.Y
  • core
    • check CDI, plugin interface list
    • Add migration script for psql / mysql
    • Make sure no memory leak
  • plugin-interface
    • check plugin interface list
  • mysql-plugin
    • check plugin interface list
    • Add migration script for mysql
  • postgresql-plugin
    • check plugin interface list
    • Add migration script for psql
  • mongodb-plugin
    • check plugin interface list
  • Make sure docker issue of read-only and root user is fixed.
  • Non single use refresh tokens + refresh tokens with really long lifetimes.
  • Allow list changes
  • More tests
• supertokens-node:X.Y
  • check CDI, FDI list
  • fix circleci config for sdk. Right now, it runs a cicd job for setup on each push
  • make sure that backend-sdk-testing branches are up to date (3.1 from 3.0 and 4.0 from 3.1)
  • Make sure all PR checks are passing - specifically example apps checks should all be passing
  • Make sure feat: refactor custom framework utils to reuse them supertokens-node#933 is merged
  • Get updates cookie versions supertokens-node#936 merged, after all pr checks in testing one change supertokens-node#937 pass
  • Merge maybe fixes issue, testing pending supertokens-node#948
  • FIx issue with account linking returning erro code 007 instead of email already exists when signing up with email password if social login already exists.
  • Check that oauth access token lifetime can be set to 100 years
  • Update function to pass in client id and secret optionally.
• supertokens-golang:X.Y
  • check CDI, FDI list
• supertokens-python:X.Y
  • check CDI, FDI list
• supertokens-website:X.Y
  • check FDI list
  • 3.1 fdi (not to be a new release)
• supertokens-web-js:X.Y
  • check FDI list
  • check web-js interface version
  • Update dependency version of supertokens-website in package.json from npm registry
  • 3.1 fdi (not to be a new release)
• supertokens-auth-react:X.Y
  • check FDI list
  • check web-js interface version
  • Updated dependencies to use supertokens-web-js in package.json from npm registry
  • Various browsers - Safari, Firefox, Chrome, Edge
  • Mobile responsiveness
  • Make sure using with-typescript example that types are correct for every new configs exposed to users
  • Make sure frontend login UI shows even if backend is not working.
  • Make sure all PR checks are passing - specifically example apps checks should all be passing
  • 3.1 fdi (not to be a new release)
• prebuiltui:X.Y (This is based on supertokens-auth-react release)
  • If new recipe, then make sure to expose it as a window variable, and also change implementation of checkFrontendSDKRelatedDocs in the docs repo (global search it) - modify the ALLOWED_LINES variable to add about the new recipe.
  • 3.1 fdi (not to be a new release)
• supertokens-react-native:X.Y
  • check FDI list
  • 3.1 fdi (not to be a new release)
• supertokens-android:X.Y
  • check FDI list
  • 3.1 fdi (not to be a new release)
• supertokens-ios:X.Y
  • check FDI list
  • 3.1 fdi (not to be a new release)
• supertokens-flutter:X.Y
  • check FDI list
  • 3.1 fdi (not to be a new release)
• Test day with team. Get people in the team to read the docs and implement something with the new feature.
• Make SuperTokens an OAuth and Open ID provider #582
  • Example PRs
    • Mobile example in react-native
    • Web examples
    • M2M examples in node SDK
  • Use a very specific version of hydra (v2.2.0) in saas, and not just the latest one.
• feat: OAuth provider support #1010
• Add oauth docs docs#847

Others

• Example apps in create-supertokens-app CLI
• Examples apps in supertokens-auth-react. Update try.supertokens and rerun the pr checklist
  • Need to have with-oauth2 example which contains one authorization server and client apps for all use cases.
  • Make sure example apps run with http
• Examples apps in supertokens-react-native
• Examples apps in android
• Example apps in ios
• Example apps in flutter
• next.js:canary
• RedwoodJS and playground-auth
• Run on netlify (and hence AWS lambda) to check if it works fine there
• Test on vercel (with-emailpassword-vercel app)
• SuperTokens Jackson SAML example update
• Supabase docs
• Capacitor template app: https://github.com/RobSchilderr/capacitor-supertokens-nextjs-turborepo
• T4 App: https://github.com/timothymiller/t4-app

📚 Documentation (test site)

• All recipe main documentation update
• https://supertokens.slack.com/archives/C051BN9QJUX/p1729162747058009
• Code type checking versions are pointing to X.Y
  • jsEnv
  • goEnv
  • pythonEnv
• Update table schema in mysql / postgresql section for self hosted
• community documentation update
• website changes (test.supertokens.io)
  • homepage
  • pricing page feature list
  • comparison chart in the pricing page
  • product roadmap page
  • Update API key code snippet in SaaS dashboard
  • Update recipe list and links to the docs for supertokens.com dashboard

🔥 Production

💻 NPM and core release

• Hosting of hydra instance in our saas and for try.supertokens.com server.
  • Update try supertokens com docker env vars to add config for oauth server
• core
  • supertokens-core:X.Y
  • plugin-interface
  • mysql-plugin
  • postgresql-plugin
  • mongodb-plugin
  • Docker update
    • MySQL
      • check if new env cnofigs need to be added
    • Postgres
      • check if new env cnofigs need to be added
    • MongoDB
      • check if new env cnofigs need to be added
  • try.supertokens.io

    sudo docker rm try-supertokens -f
    sudo docker rmi supertokens/supertokens-postgresql:<VERSION>
    nano ./start_container.sh (update version tag)
    sudo ./start_container.sh
    

    • We have to add env variable for encryption key for oauth
  • Run tests against node sdk (all compatible versions)
  • Run tests against python sdk (all compatible versions)
  • Run tests against golang sdk (all compatible versions)
  • Update SaaS config
  • We have to add env variable for encryption key for oauth
  • Add a cron job to run hydra janitor command
  • Update to tables checked for user count / or to know if a deployment is being used or not
  • Update logic for deleting all data in dev env if a new table was added and if the data should be removed from
    it too
  • Update saas docker run command to add oauth server env vars to the docker run command
  • Update logic for exporting csv file for registered users
  • Update SaaS instances to use the latest docker images.
    Change checklist in contributing guide for which tables to pick when migrating data from dev to prod instance.
  • Update license key used for cores to include nea feature.
  • Update table schema in mysql / postgresql section for self hosted in docs.
  • Update paid feature to min version mapping in /st/features GET.
  • Update API that returns the list of paid features in saas dashboard
  • Update logic for core to core migration for new saas architecture:
    • transfer of master database information
    • deletion of master database information related to the CUD being transferred
• supertokens-node:X.Y
• supertokens-golang:X.Y
• supertokens-website:X.Y
• supertokens-web-js:X.Y
• supertokens-auth-react:X.Y
• prebuiltui:X.Y
• supertokens-python:X.Y
• supertokens-react-native:X.Y
• supertokens-android:X.Y
• supertokens-ios:X.Y
• supertokens-flutter:X.Y
• supertokens-dashboard

📚 Documentation

• Pushed to production
• Post message on discord about new update
• Updated swaggerhub FDI spec
• Update frontend-driver-interface repo
• Updated swaggerhub CDI spec
• Update core-driver-interface-repo
• Updated dashboard spec on swaggerhub
• Update dashboard spec
• Update internal contributing guide to move from previous core version to the latest one
• Algolia search update for docs
• robots.txt, sitemap.xml, noindex page update
• Auto generate release note on github:
  • supertokens-core
  • supertokens-plugin-interface
  • supertokens-mysql-plugin
  • supertokens-postgresql-plugin
  • supertokens-mongodb-plugin
  • supertokens-node
  • supertokens-golang
  • supertokens-python
  • supertokens-website
  • supertokens-web-js
  • supertokens-auth-react
  • prebuiltui repo
  • supertokens-react-native
  • supertokens-android
  • supertokens-ios
  • supertokens-flutter
  • supertokens-dashboard

Contents of running try.supertokens.com script:

git clone github.com/supertokens/backend
cd backend/scripts/demo-dashboard
./addData.sh