Skip to content

feat(schemas): add enable_token_storage column to connectors #7483

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 6 commits into from
Jun 30, 2025

Conversation

simeng-li
Copy link
Contributor

@simeng-li simeng-li commented Jun 24, 2025

Summary

Add the enable_token_storage column to the connectors table. This field indicates whether token storage is enabled for the connector. When enabled, Logto will encrypt and store the authentication tokens (e.g., access_token, refresh_token) returned by the third-party connector for future use on behalf of the user.

Add the isTokenStorageSupported flag to the social connector metadata. Previously, social connectors did not expose access tokens to the Logto core service; we will need to gradually migrate existing social connectors to support token storage. Use this field to indicate whether the connector supports token storage. If not, do not expose the enable_token_storage settings to developers.

Testing

Checklist

  • .changeset
  • unit tests
  • integration tests
  • necessary TSDoc comments

Sorry, something went wrong.

Copy link

github-actions bot commented Jun 24, 2025

COMPARE TO master

Total Size Diff ⚠️ 📈 +11.34 KB

Diff by File
Name Diff
packages/core/src/mocks/connector-base-data.ts 📈 +203 Bytes
packages/core/src/mocks/connector.ts 📈 +95 Bytes
packages/core/src/libraries/connector.test.ts 📈 +31 Bytes
packages/core/src/queries/connector.test.ts 📈 +66 Bytes
packages/core/src/routes/connector/index.ts 📈 +1.22 KB
packages/phrases/src/locales/ar/errors/connector.ts 📈 +93 Bytes
packages/phrases/src/locales/ar/errors/custom-profile-fields.ts 📈 +53 Bytes
packages/phrases/src/locales/ar/errors/request.ts 📈 +102 Bytes
packages/phrases/src/locales/ar/errors/session.ts 📈 +168 Bytes
packages/phrases/src/locales/ar/translation/admin-console/auth-status.ts 📈 +209 Bytes
packages/phrases/src/locales/ar/translation/admin-console/index.ts 📈 +59 Bytes
packages/phrases/src/locales/de/errors/connector.ts 📈 +89 Bytes
packages/phrases/src/locales/de/errors/custom-profile-fields.ts 📈 +16 Bytes
packages/phrases/src/locales/de/errors/request.ts 📈 +94 Bytes
packages/phrases/src/locales/de/errors/session.ts 📈 +126 Bytes
packages/phrases/src/locales/de/translation/admin-console/auth-status.ts 📈 +217 Bytes
packages/phrases/src/locales/de/translation/admin-console/index.ts 📈 +59 Bytes
packages/phrases/src/locales/en/errors/connector.ts 📈 +82 Bytes
packages/phrases/src/locales/en/errors/request.ts 📈 +86 Bytes
packages/phrases/src/locales/es/errors/connector.ts 📈 +87 Bytes
packages/phrases/src/locales/es/errors/custom-profile-fields.ts 📈 +7 Bytes
packages/phrases/src/locales/es/errors/request.ts 📈 +82 Bytes
packages/phrases/src/locales/es/errors/session.ts 📈 +144 Bytes
packages/phrases/src/locales/es/translation/admin-console/auth-status.ts 📈 +208 Bytes
packages/phrases/src/locales/es/translation/admin-console/index.ts 📈 +59 Bytes
packages/phrases/src/locales/fr/errors/connector.ts 📈 +95 Bytes
packages/phrases/src/locales/fr/errors/custom-profile-fields.ts 📈 +4 Bytes
packages/phrases/src/locales/fr/errors/request.ts 📈 +109 Bytes
packages/phrases/src/locales/fr/errors/session.ts 📈 +125 Bytes
packages/phrases/src/locales/fr/translation/admin-console/auth-status.ts 📈 +211 Bytes
packages/phrases/src/locales/fr/translation/admin-console/index.ts 📈 +59 Bytes
packages/phrases/src/locales/it/errors/connector.ts 📈 +92 Bytes
packages/phrases/src/locales/it/errors/custom-profile-fields.ts 📈 +13 Bytes
packages/phrases/src/locales/it/errors/request.ts 📈 +90 Bytes
packages/phrases/src/locales/it/errors/session.ts 📈 +125 Bytes
packages/phrases/src/locales/it/translation/admin-console/auth-status.ts 📈 +204 Bytes
packages/phrases/src/locales/it/translation/admin-console/index.ts 📈 +59 Bytes
packages/phrases/src/locales/ja/errors/connector.ts 📈 +120 Bytes
packages/phrases/src/locales/ja/errors/custom-profile-fields.ts 📈 +36 Bytes
packages/phrases/src/locales/ja/errors/request.ts 📈 +101 Bytes
packages/phrases/src/locales/ja/errors/session.ts 📈 +136 Bytes
packages/phrases/src/locales/ja/translation/admin-console/auth-status.ts 📈 +215 Bytes
packages/phrases/src/locales/ja/translation/admin-console/index.ts 📈 +59 Bytes
packages/phrases/src/locales/ko/errors/connector.ts 📈 +95 Bytes
packages/phrases/src/locales/ko/errors/custom-profile-fields.ts 📈 +26 Bytes
packages/phrases/src/locales/ko/errors/request.ts 📈 +89 Bytes
packages/phrases/src/locales/ko/errors/session.ts 📈 +166 Bytes
packages/phrases/src/locales/ko/translation/admin-console/auth-status.ts 📈 +178 Bytes
packages/phrases/src/locales/ko/translation/admin-console/index.ts 📈 +59 Bytes
packages/phrases/src/locales/pl-pl/errors/connector.ts 📈 +88 Bytes
packages/phrases/src/locales/pl-pl/errors/custom-profile-fields.ts 📈 +8 Bytes
packages/phrases/src/locales/pl-pl/errors/request.ts 📈 +87 Bytes
packages/phrases/src/locales/pl-pl/errors/session.ts 📈 +131 Bytes
packages/phrases/src/locales/pl-pl/translation/admin-console/auth-status.ts 📈 +198 Bytes
packages/phrases/src/locales/pl-pl/translation/admin-console/index.ts 📈 +59 Bytes
packages/phrases/src/locales/pt-br/errors/connector.ts 📈 +86 Bytes
packages/phrases/src/locales/pt-br/errors/custom-profile-fields.ts 📈 +26 Bytes
packages/phrases/src/locales/pt-br/errors/request.ts 📈 +78 Bytes
packages/phrases/src/locales/pt-br/errors/session.ts 📈 +131 Bytes
packages/phrases/src/locales/pt-br/translation/admin-console/auth-status.ts 📈 +204 Bytes
packages/phrases/src/locales/pt-br/translation/admin-console/index.ts 📈 +59 Bytes
packages/phrases/src/locales/pt-pt/errors/connector.ts 📈 +85 Bytes
packages/phrases/src/locales/pt-pt/errors/custom-profile-fields.ts 📈 +18 Bytes
packages/phrases/src/locales/pt-pt/errors/request.ts 📈 +85 Bytes
packages/phrases/src/locales/pt-pt/errors/session.ts 📈 +131 Bytes
packages/phrases/src/locales/pt-pt/translation/admin-console/auth-status.ts 📈 +204 Bytes
packages/phrases/src/locales/pt-pt/translation/admin-console/index.ts 📈 +59 Bytes
packages/phrases/src/locales/ru/errors/connector.ts 📈 +126 Bytes
packages/phrases/src/locales/ru/errors/custom-profile-fields.ts 📈 +76 Bytes
packages/phrases/src/locales/ru/errors/request.ts 📈 +114 Bytes
packages/phrases/src/locales/ru/errors/session.ts 📈 +198 Bytes
packages/phrases/src/locales/ru/translation/admin-console/auth-status.ts 📈 +262 Bytes
packages/phrases/src/locales/ru/translation/admin-console/index.ts 📈 +59 Bytes
packages/phrases/src/locales/tr-tr/errors/connector.ts 📈 +88 Bytes
packages/phrases/src/locales/tr-tr/errors/custom-profile-fields.ts 📈 +11 Bytes
packages/phrases/src/locales/tr-tr/errors/request.ts 📈 +71 Bytes
packages/phrases/src/locales/tr-tr/errors/session.ts 📈 +135 Bytes
packages/phrases/src/locales/tr-tr/translation/admin-console/auth-status.ts 📈 +205 Bytes
packages/phrases/src/locales/tr-tr/translation/admin-console/index.ts 📈 +59 Bytes
packages/phrases/src/locales/zh-cn/errors/connector.ts 📈 +71 Bytes
packages/phrases/src/locales/zh-cn/errors/custom-profile-fields.ts 📈 +48 Bytes
packages/phrases/src/locales/zh-cn/errors/request.ts 📈 +62 Bytes
packages/phrases/src/locales/zh-cn/errors/session.ts 📈 +123 Bytes
packages/phrases/src/locales/zh-cn/translation/admin-console/auth-status.ts 📈 +164 Bytes
packages/phrases/src/locales/zh-cn/translation/admin-console/index.ts 📈 +59 Bytes
packages/phrases/src/locales/zh-hk/errors/connector.ts 📈 +72 Bytes
packages/phrases/src/locales/zh-hk/errors/custom-profile-fields.ts 📈 +54 Bytes
packages/phrases/src/locales/zh-hk/errors/request.ts 📈 +62 Bytes
packages/phrases/src/locales/zh-hk/errors/session.ts 📈 +132 Bytes
packages/phrases/src/locales/zh-hk/translation/admin-console/auth-status.ts 📈 +164 Bytes
packages/phrases/src/locales/zh-hk/translation/admin-console/index.ts 📈 +59 Bytes
packages/phrases/src/locales/zh-tw/errors/connector.ts 📈 +71 Bytes
packages/phrases/src/locales/zh-tw/errors/custom-profile-fields.ts 📈 +54 Bytes
packages/phrases/src/locales/zh-tw/errors/request.ts 📈 +71 Bytes
packages/phrases/src/locales/zh-tw/errors/session.ts 📈 +132 Bytes
packages/phrases/src/locales/zh-tw/translation/admin-console/auth-status.ts 📈 +167 Bytes
packages/phrases/src/locales/zh-tw/translation/admin-console/index.ts 📈 +59 Bytes
packages/schemas/alterations/next-1750748516-add-enable-token-storage-column-to-connectors-table.ts 📈 +488 Bytes
packages/schemas/tables/connectors.sql 📈 +169 Bytes
packages/toolkit/connector-kit/src/types/metadata.ts 📈 +416 Bytes

@simeng-li simeng-li force-pushed the simeng-log-11663-connectors-enable-token-management branch from f781f8f to 62dee9f Compare June 24, 2025 08:13
@simeng-li simeng-li requested a review from darcyYe as a code owner June 25, 2025 02:23
@simeng-li simeng-li force-pushed the simeng-log-11664-token-vault-add-token-vault-encryption-flow branch from 5c198b9 to 903a012 Compare June 25, 2025 03:34
@simeng-li simeng-li force-pushed the simeng-log-11663-connectors-enable-token-management branch from 3ed6efd to 5320845 Compare June 25, 2025 03:34
@simeng-li simeng-li removed the size/s label Jun 26, 2025
@simeng-li simeng-li force-pushed the simeng-log-11663-connectors-enable-token-management branch from 5320845 to b67124a Compare June 26, 2025 08:49
@github-actions github-actions bot added size/l and removed size/l labels Jun 26, 2025
@simeng-li simeng-li force-pushed the simeng-log-11664-token-vault-add-token-vault-encryption-flow branch from 19cb63f to 8991067 Compare June 27, 2025 02:33
@simeng-li simeng-li force-pushed the simeng-log-11663-connectors-enable-token-management branch from b67124a to ac371ae Compare June 27, 2025 02:34
@github-actions github-actions bot added size/l and removed size/l labels Jun 27, 2025
Base automatically changed from simeng-log-11664-token-vault-add-token-vault-encryption-flow to master June 27, 2025 03:09
@github-actions github-actions bot added size/xl and removed size/l labels Jun 27, 2025

Verified

This commit was signed with the committer’s verified signature.
add enable_token_storage column to connectors

Verified

This commit was signed with the committer’s verified signature.
fix type issues

Verified

This commit was signed with the committer’s verified signature.
fix ut

Verified

This commit was signed with the committer’s verified signature.
fix ut

Verified

This commit was signed with the committer’s verified signature.
add isTokenStorageSupported flag to the social connectors metadata

Verified

This commit was signed with the committer’s verified signature.
add enable token storage field validation to connectors CRUD APIs
@simeng-li simeng-li force-pushed the simeng-log-11663-connectors-enable-token-management branch from ac371ae to 554deb2 Compare June 27, 2025 03:10
@github-actions github-actions bot added size/l and removed size/xl labels Jun 27, 2025
@simeng-li simeng-li requested a review from Copilot June 27, 2025 07:55
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds support for token storage configuration on social connectors by introducing a new database column and corresponding metadata flags, and updates API routes, tests, and translations to handle the new setting.

  • Add enable_token_storage column to connectors table with migration script
  • Extend SocialConnectorMetadata with isTokenStorageSupported flag and update connector routes to validate enableTokenStorage
  • Update SQL queries, mocks, tests, and localized error/messages to include new setting

Reviewed Changes

Copilot reviewed 100 out of 100 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
packages/toolkit/connector-kit/src/types/metadata.ts Added isTokenStorageSupported property and Zod guard
packages/schemas/tables/connectors.sql Added enable_token_storage column with default FALSE
packages/schemas/alterations/next-1750748516-add-enable-token-storage-column-to-connectors-table.ts Migration up/down scripts for new column
packages/core/src/routes/connector/index.ts Include enableTokenStorage in create/update routes with validation checks
packages/core/src/queries/connector.test.ts Updated insert query and test values for enable_token_storage
packages/core/src/libraries/connector.test.ts Added enableTokenStorage in test fixtures
packages/core/src/mocks/connector*.ts Added enableTokenStorage to mock data
packages/phrases/** Added feature_not_supported and token_storage_not_supported messages across locales and introduced auth_status view translations
Comments suppressed due to low confidence (3)

packages/phrases/src/locales/en/errors/connector.ts:42

  • [nitpick] Remove the trailing space in this error message to keep formatting consistent.
  token_storage_not_supported: 'This connector does not support token storage. ',

packages/core/src/routes/connector/index.ts:140

  • Add unit tests for scenarios when enableTokenStorage is true but dev features are disabled or connector does not support token storage to cover new validation logic.
      if (enableTokenStorage) {

packages/schemas/tables/connectors.sql:8

  • SQL comments should use -- or /* ... */ syntax instead of JSDoc-style /** ... */. Update to valid SQL comment style.
  /** Whether the token storage is enabled for this connector. Only applied for OAuth2/OIDC social connectors. */

@simeng-li simeng-li merged commit 208be2f into master Jun 30, 2025
46 of 47 checks passed
@simeng-li simeng-li deleted the simeng-log-11663-connectors-enable-token-management branch June 30, 2025 06:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Development

Successfully merging this pull request may close these issues.

None yet

3 participants