Auto-indexing service and GraphQL API for AT Protocol Records
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

remove oauth redirect env var, add external base url

+30 -28
+3 -3
docs/deployment.md
··· 14 14 | `ENABLE_OAUTH_AUTO_REGISTER` | Optional | `false` | Enable automatic OAuth client registration with AIP on server boot | 15 15 | `OAUTH_CLIENT_ID` | Optional | - | OAuth client ID (auto-registered if `ENABLE_OAUTH_AUTO_REGISTER=true`) | 16 16 | `OAUTH_CLIENT_SECRET` | Optional | - | OAuth client secret (auto-registered if `ENABLE_OAUTH_AUTO_REGISTER=true`) | 17 - | `OAUTH_REDIRECT_URI` | Optional | `http://localhost:8000/oauth/callback` | OAuth callback URL | 17 + | `EXTERNAL_BASE_URL` | Optional | `http://localhost:8000` | Base URL of your application (used for OAuth redirect: `${EXTERNAL_BASE_URL}/oauth/callback`) | 18 18 | `AIP_BASE_URL` | Optional | `https://auth.example.com` | AT Protocol Identity Provider URL | 19 19 | `JETSTREAM_URL` | No | `wss://jetstream2.us-west.bsky.network/subscribe` | Jetstream WebSocket endpoint | 20 20 | `RELAY_URL` | No | `https://relay1.us-west.bsky.network` | AT Protocol relay URL | ··· 166 166 # OAuth - Option A: Auto-registration (recommended) 167 167 ENABLE_OAUTH_AUTO_REGISTER=true 168 168 AIP_BASE_URL=https://your-aip-server.com 169 - OAUTH_REDIRECT_URI=https://your-app.up.railway.app/oauth/callback 169 + EXTERNAL_BASE_URL=https://your-app.up.railway.app 170 170 171 171 # OAuth - Option B: Manual configuration 172 172 # OAUTH_CLIENT_ID=your_client_id 173 173 # OAUTH_CLIENT_SECRET=your_client_secret 174 - # OAUTH_REDIRECT_URI=https://your-app.up.railway.app/oauth/callback 174 + # EXTERNAL_BASE_URL=https://your-app.up.railway.app 175 175 ``` 176 176 177 177 ### 3. Add a volume
+3 -3
example/register-oauth-client.sh
··· 96 96 97 97 OAUTH_CLIENT_ID=$CLIENT_ID 98 98 OAUTH_CLIENT_SECRET=$CLIENT_SECRET 99 - OAUTH_REDIRECT_URI=$REDIRECT_URI 100 99 AIP_BASE_URL=$AIP_BASE 100 + EXTERNAL_BASE_URL=$CLIENT_BASE_URL 101 101 EOF 102 102 103 103 echo "✅ Client registration complete!" ··· 112 112 echo "🔧 Environment variables saved to $CONFIG_FILE:" 113 113 echo " OAUTH_CLIENT_ID" 114 114 echo " OAUTH_CLIENT_SECRET" 115 - echo " OAUTH_REDIRECT_URI" 116 - echo " OAUTH_AIP_BASE_URL" 115 + echo " AIP_BASE_URL" 116 + echo " EXTERNAL_BASE_URL" 117 117 echo 118 118 echo "💡 To use these credentials in your application:" 119 119 echo " source $CONFIG_FILE"
+4 -3
server/.env.example
··· 17 17 # OAUTH_CLIENT_ID=your_client_id 18 18 # OAUTH_CLIENT_SECRET=your_client_secret 19 19 20 - # OAuth Redirect URI (must match the URI registered with your OAuth provider) 21 - # Defaults to {EXTERNAL_BASE}/oauth/callback if not set 22 - # OAUTH_REDIRECT_URI=http://localhost:8000/oauth/callback 20 + # External Base URL - used to construct the OAuth redirect URI 21 + # The redirect URI will be: ${EXTERNAL_BASE_URL}/oauth/callback 22 + # Defaults to http://localhost:8000 if not set 23 + # EXTERNAL_BASE_URL=http://localhost:8000 23 24 24 25 # Admin DIDs (comma-separated list of DIDs that have admin access to backfill, GraphiQL, etc.) 25 26 ADMIN_DIDS=did:plc:example1,did:plc:example2
+20 -19
server/src/server.gleam
··· 284 284 Error(_) -> "https://auth.example.com" 285 285 } 286 286 287 + // Get HOST and PORT from environment variables or use defaults 288 + let host = case envoy.get("HOST") { 289 + Ok(h) -> h 290 + Error(_) -> "127.0.0.1" 291 + } 292 + 293 + let port = case envoy.get("PORT") { 294 + Ok(p) -> 295 + case int.parse(p) { 296 + Ok(port_num) -> port_num 297 + Error(_) -> 8000 298 + } 299 + Error(_) -> 8000 300 + } 301 + 287 302 // OAuth configuration - check environment variables first for backwards compatibility 288 303 let enable_auto_register = case envoy.get("ENABLE_OAUTH_AUTO_REGISTER") { 289 304 Ok(val) -> val == "true" || val == "1" 290 305 Error(_) -> False 291 306 } 292 307 293 - // Determine redirect URI from environment or use default 294 - let oauth_redirect_uri = case envoy.get("OAUTH_REDIRECT_URI") { 295 - Ok(uri) -> uri 296 - Error(_) -> "http://localhost:8000/oauth/callback" 308 + // Determine redirect URI from EXTERNAL_BASE_URL environment variable 309 + let oauth_redirect_uri = case envoy.get("EXTERNAL_BASE_URL") { 310 + Ok(base_url) -> base_url <> "/oauth/callback" 311 + Error(_) -> 312 + "http://" <> host <> ":" <> int.to_string(port) <> "/oauth/callback" 297 313 } 298 314 299 315 let oauth_config = case ··· 395 411 } 396 412 } 397 413 } 398 - } 399 - 400 - // Get HOST and PORT from environment variables or use defaults 401 - let host = case envoy.get("HOST") { 402 - Ok(h) -> h 403 - Error(_) -> "127.0.0.1" 404 - } 405 - 406 - let port = case envoy.get("PORT") { 407 - Ok(p) -> 408 - case int.parse(p) { 409 - Ok(port_num) -> port_num 410 - Error(_) -> 8000 411 - } 412 - Error(_) -> 8000 413 414 } 414 415 415 416 logging.log(logging.Info, "[server] Using AIP server: " <> auth_base_url)