From 6e291382fe106250f4525ac5e35a86e7faa7fe11 Mon Sep 17 00:00:00 2001 From: Jed Patterson <86933957+JedPattersonn@users.noreply.github.com> Date: Thu, 3 Jul 2025 19:36:18 +0100 Subject: [PATCH] feat: linear social provider (#2617) * feature: linear oauth * update profile map * remove props spread from stringIcon * update icon svg props * updates * update --------- Co-authored-by: Kinfe123 --- docs/components/builder/social-provider.tsx | 28 +++++ docs/components/sidebar-content.tsx | 18 +++ docs/content/docs/authentication/linear.mdx | 75 +++++++++++ .../better-auth/src/social-providers/index.ts | 3 + .../src/social-providers/linear.ts | 118 ++++++++++++++++++ 5 files changed, 242 insertions(+) create mode 100644 docs/content/docs/authentication/linear.mdx create mode 100644 packages/better-auth/src/social-providers/linear.ts diff --git a/docs/components/builder/social-provider.tsx b/docs/components/builder/social-provider.tsx index d4a6d659..7d3b28af 100644 --- a/docs/components/builder/social-provider.tsx +++ b/docs/components/builder/social-provider.tsx @@ -202,6 +202,34 @@ export const socialProviders = { `, }, + linear: { + Icon: (props: SVGProps) => ( + + + + ), + stringIcon: ` + + `, + }, linkedin: { Icon: (props: SVGProps) => ( ), }, + { + title: "Linear", + href: "/docs/authentication/linear", + icon: () => ( + + + + ), + }, { title: "LinkedIn", href: "/docs/authentication/linkedin", diff --git a/docs/content/docs/authentication/linear.mdx b/docs/content/docs/authentication/linear.mdx new file mode 100644 index 00000000..33026465 --- /dev/null +++ b/docs/content/docs/authentication/linear.mdx @@ -0,0 +1,75 @@ +--- +title: Linear +description: Linear provider setup and usage. +--- + + + + ### Get your Linear credentials + To use Linear sign in, you need a client ID and client secret. You can get them from the [Linear Developer Portal](https://linear.app/settings/api). + + Make sure to set the redirect URL to `http://localhost:3000/api/auth/callback/linear` for local development. For production, you should set it to the URL of your application. If you change the base path of the auth routes, you should update the redirect URL accordingly. + + When creating your OAuth application in Linear, you'll need to specify the required scopes. The default scope is `read`, but you can also request additional scopes like `write` if needed. + + + + ### Configure the provider + To configure the provider, you need to import the provider and pass it to the `socialProviders` option of the auth instance. + + ```ts title="auth.ts" + import { betterAuth } from "better-auth" + + export const auth = betterAuth({ + socialProviders: { + linear: { // [!code highlight] + clientId: process.env.LINEAR_CLIENT_ID as string, // [!code highlight] + clientSecret: process.env.LINEAR_CLIENT_SECRET as string, // [!code highlight] + }, // [!code highlight] + }, + }) + ``` + + + + ### Sign In with Linear + To sign in with Linear, you can use the `signIn.social` function provided by the client. The `signIn` function takes an object with the following properties: + - `provider`: The provider to use. It should be set to `linear`. + + ```ts title="auth-client.ts" + import { createAuthClient } from "better-auth/client" + const authClient = createAuthClient() + + const signIn = async () => { + const data = await authClient.signIn.social({ + provider: "linear" + }) + } + ``` + + + + ### Available scopes + Linear OAuth supports the following scopes: + - `read` (default): Read access for the user's account + - `write`: Write access for the user's account + - `issues:create`: Allows creating new issues and their attachments + - `comments:create`: Allows creating new issue comments + - `timeSchedule:write`: Allows creating and modifying time schedules + - `admin`: Full access to admin level endpoints (use with caution) + + You can specify additional scopes when configuring the provider: + + ```ts title="auth.ts" + export const auth = betterAuth({ + socialProviders: { + linear: { + clientId: process.env.LINEAR_CLIENT_ID as string, + clientSecret: process.env.LINEAR_CLIENT_SECRET as string, + scope: ["read", "write"] // [!code highlight] + }, + }, + }) + ``` + + diff --git a/packages/better-auth/src/social-providers/index.ts b/packages/better-auth/src/social-providers/index.ts index b4bd5e16..d25b6612 100644 --- a/packages/better-auth/src/social-providers/index.ts +++ b/packages/better-auth/src/social-providers/index.ts @@ -10,6 +10,7 @@ import { spotify } from "./spotify"; import { twitch } from "./twitch"; import { twitter } from "./twitter"; import { dropbox } from "./dropbox"; +import { linear } from "./linear"; import { linkedin } from "./linkedin"; import { gitlab } from "./gitlab"; import { tiktok } from "./tiktok"; @@ -32,6 +33,7 @@ export const socialProviders = { twitter, dropbox, kick, + linear, linkedin, gitlab, tiktok, @@ -70,6 +72,7 @@ export * from "./twitch"; export * from "./facebook"; export * from "./twitter"; export * from "./dropbox"; +export * from "./linear"; export * from "./linkedin"; export * from "./gitlab"; export * from "./tiktok"; diff --git a/packages/better-auth/src/social-providers/linear.ts b/packages/better-auth/src/social-providers/linear.ts new file mode 100644 index 00000000..11979376 --- /dev/null +++ b/packages/better-auth/src/social-providers/linear.ts @@ -0,0 +1,118 @@ +import { betterFetch } from "@better-fetch/fetch"; +import type { OAuthProvider, ProviderOptions } from "../oauth2"; +import { + createAuthorizationURL, + refreshAccessToken, + validateAuthorizationCode, +} from "../oauth2"; + +interface LinearUser { + id: string; + name: string; + email: string; + avatarUrl?: string; + active: boolean; + createdAt: string; + updatedAt: string; +} + +export interface LinearProfile { + data: { + viewer: LinearUser; + }; +} + +export interface LinearOptions extends ProviderOptions {} + +export const linear = (options: LinearOptions) => { + const tokenEndpoint = "https://api.linear.app/oauth/token"; + return { + id: "linear", + name: "Linear", + createAuthorizationURL({ state, scopes, loginHint, redirectURI }) { + const _scopes = options.disableDefaultScope ? [] : ["read"]; + options.scope && _scopes.push(...options.scope); + scopes && _scopes.push(...scopes); + return createAuthorizationURL({ + id: "linear", + options, + authorizationEndpoint: "https://linear.app/oauth/authorize", + scopes: _scopes, + state, + redirectURI, + loginHint, + }); + }, + validateAuthorizationCode: async ({ code, redirectURI }) => { + return validateAuthorizationCode({ + code, + redirectURI, + options, + tokenEndpoint, + }); + }, + refreshAccessToken: options.refreshAccessToken + ? options.refreshAccessToken + : async (refreshToken) => { + return refreshAccessToken({ + refreshToken, + options: { + clientId: options.clientId, + clientKey: options.clientKey, + clientSecret: options.clientSecret, + }, + tokenEndpoint, + }); + }, + async getUserInfo(token) { + if (options.getUserInfo) { + return options.getUserInfo(token); + } + + const { data: profile, error } = await betterFetch( + "https://api.linear.app/graphql", + { + method: "POST", + headers: { + "Content-Type": "application/json", + Authorization: `Bearer ${token.accessToken}`, + }, + body: JSON.stringify({ + query: ` + query { + viewer { + id + name + email + avatarUrl + active + createdAt + updatedAt + } + } + `, + }), + }, + ); + if (error || !profile?.data?.viewer) { + return null; + } + + const userData = profile.data.viewer; + const userMap = await options.mapProfileToUser?.(userData); + + return { + user: { + id: profile.data.viewer.id, + name: profile.data.viewer.name, + email: profile.data.viewer.email, + image: profile.data.viewer.avatarUrl, + emailVerified: true, + ...userMap, + }, + data: userData, + }; + }, + options, + } satisfies OAuthProvider; +};