{"id":50406797,"url":"https://github.com/daptin/daptin-integration-auth-demo","last_synced_at":"2026-05-31T02:01:12.003Z","repository":{"id":356478069,"uuid":"1232708782","full_name":"daptin/daptin-integration-auth-demo","owner":"daptin","description":"Manual Daptin integration auth E2E demo for OAuth tokens and custom credentials","archived":false,"fork":false,"pushed_at":"2026-05-08T08:55:50.000Z","size":21,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-08T09:34:29.789Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/daptin.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-05-08T07:32:02.000Z","updated_at":"2026-05-08T08:55:54.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/daptin/daptin-integration-auth-demo","commit_stats":null,"previous_names":["daptin/daptin-integration-auth-demo"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/daptin/daptin-integration-auth-demo","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daptin%2Fdaptin-integration-auth-demo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daptin%2Fdaptin-integration-auth-demo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daptin%2Fdaptin-integration-auth-demo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daptin%2Fdaptin-integration-auth-demo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/daptin","download_url":"https://codeload.github.com/daptin/daptin-integration-auth-demo/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daptin%2Fdaptin-integration-auth-demo/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33716339,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-05-31T02:00:06.040Z","response_time":95,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-05-31T02:01:11.350Z","updated_at":"2026-05-31T02:01:11.998Z","avatar_url":"https://github.com/daptin.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Daptin Integration Auth Demo\n\nThis is a standalone manual E2E project for Daptin integrations that execute with a user-selected OAuth token or a user-selected custom credential.\n\nRuntime serving is Daptin only. This demo does not ask users to build Daptin. Use either the published Docker image or a binary downloaded from the latest GitHub release. Node is used only to compile the static browser app into `dist/`, and the site is published into Daptin local storage as a subsite.\n\n## What It Tests\n\n- GitHub OAuth app connection stored in `oauth_connect`\n- Per-user GitHub OAuth tokens stored in `oauth_token`\n- OAuth integration execution with `oauth_token_id`\n- GitHub PAT and Stripe custom credential integrations with `credential_id`\n- Wrong-user denial paths for OAuth tokens and credentials\n- Header override protection by sending a malicious `Authorization` action input\n\n## Prerequisites\n\n- Docker, or internet access to download the Daptin GitHub release binary\n- Node 20+\n- A GitHub OAuth app with callback URL:\n\n```text\nhttp://localhost:7336/oauth/response?authenticator=github-e2e\n```\n\nUse two real GitHub accounts for the multi-user OAuth checks.\n\n## Setup\n\n```bash\ncp .env.example .env.local\n```\n\nSet:\n\n```text\nGITHUB_OAUTH_CLIENT_ID=...\nGITHUB_OAUTH_CLIENT_SECRET=...\n```\n\nKeep `DAPTIN_OAUTH_REDIRECT_URI` as `http://localhost:7336/oauth/response`. Daptin appends `?authenticator=github-e2e` when it builds the provider authorize URL, so the GitHub OAuth app callback URL must include that query string.\n\nStart Daptin from Docker in one terminal:\n\n```bash\nnpm run docker:up\n```\n\nThe default image is `daptin/daptin:v0.12.2`, because Docker does not currently publish a `latest` tag.\n\nOr run the GitHub release binary directly. The default `DAPTIN_RELEASE_TAG=latest` downloads the latest release asset:\n\n```bash\nnpm run daptin:release\n```\n\nThis downloads the `daptin/daptin` release asset for your OS/architecture, then stores Daptin DB/files under this demo's `daptin-data/`.\n\nOn Apple Silicon, release-binary mode uses Daptin's published `darwin-amd64` asset. Use Docker if Rosetta is not available.\n\nBootstrap users, OAuth connector, integrations, actions, and the subsite row:\n\n```bash\nnpm run setup\n```\n\nThe scripts call instance actions as `/action/{type}/{action}` with `{type}_id` in `attributes`, which is the route shape Daptin registers for actions.\n\nCompile and publish the static site into Daptin local storage:\n\n```bash\nnpm install\nnpm run publish\n```\n\nOpen:\n\n```text\nhttp://localhost:7336/integration-auth-demo/\n```\n\nDaptin registers subsite routes on startup, so restart Daptin after `npm run setup` creates the site row. In Docker mode use `npm run docker:restart`; in release-binary mode stop `npm run daptin:release` with `Ctrl-C` and run it again. File updates after that can be republished with `npm run publish`; restart if the subsite does not refresh within 10-15 seconds.\n\n## Manual E2E Flow\n\n1. Sign in Alice and Bob in the browser app.\n2. Select Alice and click `Start GitHub OAuth`.\n3. Complete GitHub OAuth as GitHub user A.\n4. Return to the demo and refresh OAuth tokens.\n5. Select Bob and repeat OAuth as GitHub user B.\n6. Run `GitHub via OAuth Token` for Alice with Alice's token.\n7. Run `GitHub via OAuth Token` for Bob with Bob's token.\n8. Select Alice but paste Bob's `oauth_token_id`; execution must fail.\n9. Create a GitHub PAT credential for Alice and run `GitHub via Credential`.\n10. Select Bob and try Alice's credential; execution must fail unless permission was deliberately granted.\n11. Enable `send malicious Authorization action input` and rerun the passing cases; provider identity must still come from the selected token or credential.\n\n## Useful Commands\n\n```bash\nnpm run verify\ndocker compose logs -f daptin\nnpm run docker:down\n```\n\n`make verify` prints registered connectors, integrations, installed actions, visible tokens, and visible credentials without printing secrets.\n\n## Notes\n\n- The app stores Daptin JWTs in browser `localStorage` for manual testing.\n- OAuth callback may redirect to `/sign-in` after Daptin stores the token. Return to `/integration-auth-demo/` and refresh tokens.\n- Optional PAT setup can be automated by setting `ALICE_GITHUB_PAT` or `BOB_GITHUB_PAT` in `.env.local`; otherwise create credentials from the browser app.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdaptin%2Fdaptin-integration-auth-demo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdaptin%2Fdaptin-integration-auth-demo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdaptin%2Fdaptin-integration-auth-demo/lists"}