@jskit-ai/auth-provider-supabase-core 0.1.55 → 0.1.57

package/package.descriptor.mjs

@@ -1,7 +1,7 @@
 export default Object.freeze({
   "packageVersion": 1,
   "packageId": "@jskit-ai/auth-provider-supabase-core",
-  "version": "0.1.55",
+  "version": "0.1.57",
   "kind": "runtime",
   "options": {
     "auth-supabase-url": {
@@ -83,8 +83,8 @@ export default Object.freeze({
   "mutations": {
     "dependencies": {
       "runtime": {
-        "@jskit-ai/auth-core": "0.1.55",
-        "@jskit-ai/kernel": "0.1.56",
+        "@jskit-ai/auth-core": "0.1.57",
+        "@jskit-ai/kernel": "0.1.58",
         "dotenv": "^16.4.5",
         "@supabase/supabase-js": "^2.57.4",
         "jose": "^6.1.0"

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@jskit-ai/auth-provider-supabase-core",
-  "version": "0.1.55",
+  "version": "0.1.57",
   "type": "module",
   "scripts": {
     "test": "node --test"
@@ -12,8 +12,8 @@
     "./client": "./src/client/index.js"
   },
   "dependencies": {
-    "@jskit-ai/auth-core": "0.1.55",
-    "@jskit-ai/kernel": "0.1.56",
+    "@jskit-ai/auth-core": "0.1.57",
+    "@jskit-ai/kernel": "0.1.58",
     "json-rest-schema": "1.x.x",
     "jose": "^6.1.0",
     "@supabase/supabase-js": "^2.57.4"

package/src/server/providers/AuthSupabaseServiceProvider.js

@@ -9,6 +9,7 @@ import { buildAuthActions } from "../lib/actions/auth.contributor.js";
 const AUTH_PROFILE_MODE_STANDALONE = "standalone";
 const AUTH_PROFILE_MODE_USERS = "users";
 const SUPPORTED_AUTH_PROFILE_MODES = Object.freeze([AUTH_PROFILE_MODE_STANDALONE, AUTH_PROFILE_MODE_USERS]);
+const INTERNAL_JSON_REST_API = "internal.json-rest-api";
 
 function splitCsv(value) {
   return String(value || "")
@@ -186,6 +187,21 @@ function resolveOptionalRepositories(scope) {
   return repositories;
 }
 
+function isDeferredJsonRestBootGap(app, error) {
+  const hasUserProfilesRepository = typeof app?.has === "function" && app.has("internal.repository.user-profiles");
+  const hasJsonRestApi = typeof app?.has === "function" && app.has(INTERNAL_JSON_REST_API);
+  const message = String(error?.message || "");
+  const causeMessage = String(error?.cause?.message || "");
+  const combined = `${message}\n${causeMessage}`;
+
+  return (
+    hasUserProfilesRepository &&
+    !hasJsonRestApi &&
+    /internal\.json-rest-api/.test(combined) &&
+    /not registered/i.test(combined)
+  );
+}
+
 function applyAuthServiceDecorators(scope, authService) {
   let decoratedAuthService = authService;
 
@@ -315,7 +331,18 @@ class AuthSupabaseServiceProvider {
       return;
     }
 
-    app.make("authService");
+    try {
+      app.make("authService");
+    } catch (error) {
+      // In users mode, repo bindings can exist after register() while the json-rest host
+      // token is still unavailable until json-rest-api.core.boot(). Defer eager authService
+      // materialization only for that exact lifecycle gap; every other configuration error
+      // should still fail fast during boot.
+      if (isDeferredJsonRestBootGap(app, error)) {
+        return;
+      }
+      throw error;
+    }
   }
 }
 

package/test/providerRuntime.test.js

@@ -3,6 +3,7 @@ import test from "node:test";
 import { createApplication } from "@jskit-ai/kernel/_testable";
 import { registerAuthServiceDecorator } from "@jskit-ai/auth-core/server/authServiceDecoratorRegistry";
 import { ActionRuntimeServiceProvider } from "@jskit-ai/kernel/server/actions";
+import { createProviderClass } from "../../kernel/shared/runtime/application.js";
 import { AuthSupabaseServiceProvider } from "../src/server/providers/AuthSupabaseServiceProvider.js";
 
 function createAppConfigFixture() {
@@ -405,6 +406,81 @@ test("auth supabase provider rejects dev auth bypass without internal.repository
   );
 });
 
+test("auth supabase provider defers eager dev auth materialization until json-rest host is available", async () => {
+  const DeferredUserProfilesRepositoryProvider = createProviderClass({
+    id: "aaa.deferred-user-profiles-repository",
+    register(app) {
+      app.singleton("internal.repository.user-profiles", (scope) => {
+        const api = scope.make("internal.json-rest-api");
+
+        return {
+          api,
+          async findById() {
+            return null;
+          },
+          async findByEmail() {
+            return null;
+          }
+        };
+      });
+    }
+  });
+
+  const DeferredJsonRestApiProvider = createProviderClass({
+    id: "json-rest-api.core",
+    boot(app) {
+      app.instance("internal.json-rest-api", {
+        scopes: new Map()
+      });
+    }
+  });
+
+  const app = createApplication();
+  app.instance("appConfig", createAppConfigFixture());
+  app.instance("jskit.env", {
+    AUTH_DEV_BYPASS_ENABLED: "true",
+    AUTH_DEV_BYPASS_SECRET: "dev-bootstrap-secret",
+    AUTH_PROFILE_MODE: "users",
+    APP_PUBLIC_URL: "http://localhost:5173",
+    NODE_ENV: "development"
+  });
+  app.instance("jskit.logger", {
+    info() {},
+    warn() {},
+    error() {},
+    debug() {}
+  });
+  app.instance("domainEvents", {
+    async publish() {}
+  });
+  app.instance("users.profile.sync.service", {
+    async findByIdentity() {
+      return null;
+    },
+    async syncIdentityProfile(profile) {
+      return {
+        id: 1,
+        authProvider: String(profile?.authProvider || "supabase"),
+        authProviderUserSid: String(profile?.authProviderUserSid || "user-1"),
+        email: String(profile?.email || "test@example.com"),
+        displayName: String(profile?.displayName || "Test User")
+      };
+    }
+  });
+
+  await app.start({
+    providers: [
+      ActionRuntimeServiceProvider,
+      DeferredUserProfilesRepositoryProvider,
+      AuthSupabaseServiceProvider,
+      DeferredJsonRestApiProvider
+    ]
+  });
+
+  const authService = app.make("authService");
+  assert.equal(typeof authService?.devLoginAs, "function");
+});
+
 test("auth supabase provider reads oauth providers from appConfig.auth.oauth", async () => {
   const app = createApplication();
   app.instance("appConfig", {